Nebraska Staffing is hiring: Cybersecurity Application Security Engineer in Omah

divh2Application Security Engineer/h2pNelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer, professional services company, consumer loan originator and servicer, payments processor, renewable energy solutions, and K-12 and higher education expert. For over 40 years, Nelnet has been serving its customers, associates, and communities. The perks of working at Nelnet go beyond our benefits package. When you join the Nelnet team, youre part of a community invested in the success of each individual. That support comes through in our work, as we are united by our mission of creating opportunities for people where they live, learn, and work./ppWe are seeking a highly skilled Application Security Engineer with strong experience across secure code review, penetration testing, automation, and modern SDLC practicesincluding emerging AI/LLM security. In this role, you will partner closely with engineering, cloud, and product teams to safeguard our applications, services, and AI-driven components from design through production. You will combine hands-on technical testing with scalable automation and developer enablement to mature our AppSec program and ensure secure, resilient applications at speed./ppThis position offers a hybrid work option. Nelnet values flexibility and understands the importance of work-life integration. Our hybrid work environment allows associates living within 30 miles of an office location to work remotely for part of the week, while also fostering collaboration and team connection through in-office presence three days per week./ppPlease note that we are unable to provide visa sponsorship for this position. To be considered, candidates must already be authorized to work in the United States without the need for current or future sponsorship./ph3Job Description/h3pManual Source Code Review/ppSAST/DAST Scanning/ppExpand the Security Champions Program/ppDevelop Automated Source Code Review Processes/ppWork with Product Teams to Ensure Secure SDLC Processes Are in Place/ppProvide Detailed Vulnerability Reports to Businesses/ph3Experience/h3p24 years of hands-on application security experience/ppExperience integrating security tooling and automated checks into CI/CD pipelines/ppFamiliarity and experience with OWASP Top 10 and web testing methodologies/ppExperience with effectively assessing and communicating risks and appropriate levels of urgency to management and engineering staff/ppExperience with technical report writing and communication/ph3Competencies Skills/Knowledge/Abilities/h3pStrong manual code review experience in at least one major language (Java, JavaScript/TypeScript, C#, PHP, etc.)/ppSolid threat-modeling expertise (STRIDE, attack trees, misuse cases) for both traditional systems and AI/LLM-integrated features/ppProficiency with SAST, SCA, DAST, web and mobile pentesting, container scanners, secrets-detection tools, and ideally AI-security scanning platforms/ppExperience integrating security tooling and automated checks into CI/CD pipeline/ppScripting/automation skills (Python, Bash, Node) for building custom tooling and automating manual processes/ppGood understanding of AI/LLM attack surfaces including prompt injection, insecure output handling, model-data leakage, and RAG vulnerabilities/ppStrong knowledge of web/API security concepts (session management, secure storage, transport security)/ppExcellent organizational, presentation, verbal, and written communication skills/ppAbility to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff/ppAptitude for self-study, setting and achieving long term goals/ppActively seeks to remain technically current and increase expertise and abilities/ppChallenges prevailing assumptions when appropriate/ppWilling to adapt to changing technology and business landscapes/ppConsiders change as opportunities to be challenged and grow/ppAbility to adapt style of communications to match audience and information sharing needs/ph3Pay Range/h3pPay range for this role is $90,000-$125,000 annually, depending on experience./p/div