SAST Application Security Engineer

Our client is in need of an Application Security Engineer to assist with their AI/ML applications and helping drive initiatives around autocode remediation. This role requires/must have experience with Checkmarx, SAST, and CI/CD pipeline experience. Experience with any type of AI tools with code administration or remediation experience is needed as well but they do not need someone who is an expert at that skill yet.

This will be a W2 contract working as a consultant for TEKsystems supporting the end client. The contract phase is expected to last for 6 months and there is a strong possibility of extending or converting FTE with the client pending the POC phase and performance in the role meets their expectations.

The contract will provide 40-hour work weeks with a regular 8-5, Monday through Friday schedule. Contractors with TEKsystems are eligible to purchase benefits (health, vision, dental) and get free access to Udemy Business for professional development purposes.

Top Skills

1. Design and implement SAST strategies tailored for AI/ML applications (including LLMs, TensorFlow, and PyTorch). Someone who has experience with any AI tools with code administration.

3. 4+ years of hands-on application security experience

2. Customize and integrate Checkmarx and Checkmarx ONE within CI/CD pipelines and developers. Support Checkmarx platform maintenance, including patching, upgrades, and vendor troubleshooting

3. Lead POC (Proof of Concept) efforts for automated vulnerability remediation tools such as Corgea. They will be working to define the integration elements which is a trailblazing opportunity for the organization. Creating and developing those designs, building out integration scripts where needed. Regarding the POC part- this individual will be engaged with the vendor so experience working with vendors and solid communication skills are a must have.

4. Develop integration scripts using Python and PowerShell

5. Drive vendor accountability and manage relationships with security product providers- working with the vendor as well as other app sec teams like the vulnerability management, vulnerability operations, etc.

Description

This role is a hands-on leadership opportunity at the intersection of AI/ML development and application security, focused on integrating Static Application Security Testing (SAST) tools—primarily Checkmarx—into complex environments involving generative AI, machine learning frameworks, and CI/CD automation. The engineer will design, implement, and lead efforts to secure AI-powered applications by embedding security throughout the development lifecycle.

Main Responsibilities:

Provide hands on technical support for Checkmarx and Checkmarx ONE platform

Drive vendor accountability to address product defects

Support patching, upgrade testing

Collaborate with Product Owners, Application Security Champions, development team members and offshore partners

Ensure documentation is current and reflects, process changes and have an eye for detail

Required Skills:

4+ years of application security experience

2+ years of experience with Agile and Atlassian products such as jira/confluence or equivalent

Good understanding of OWASP top 10

Strong verbal, written, and interpersonal communication skills

Excellent customer service skills

Ability to troubleshoot complex technology integration issues

Desired Skills:

2+ years of cloud experience

3+ years of scripting experience – python

2+ years of SQL experience

Locations:

Candidates must be able to go on site 3 days a week in an office at within the following cities with the exception of NYC/NJ:

1. Irving, Texas
2. Charlotte, NC
3. Minneapolis, MN
4. Chandler, Arizona
5. NYC/NJ area - candidates in this metro will come on site on an as needed basis.

Employee Value Proposition (EVP)

Working with cutting edge technology such as AI in an enterprise environment. Net new position so will be gaining high exposure to new AI technologies and helping lead the effort, which therefore will give you high exposure to top leadership for this initiative.

Business Drivers/Customer Impact

This client wants to bring in more AI into their environment to make them more efficient