• Application Security Engineer

    Location US-NJ-Holmdel
    # of Openings
    Technology and Infrastructure
    Engineering Excellence
    Posting Level
  • Job Overview:

    Have development experience within a testing environment? Proficient in mentoring developers on secure coding? Skilled in Burp Suite Pro? We’re looking for an expert collaborator with an Agile background to join our team as a Security Test Engineer II, where you’ll be responsible for application development, coaching and mentoring colleagues on security tools, and preparing and executing security test cases for projects and features driven by the Product Management Council.


    In addition to performing application security engineering, you’ll be responsible for manual and automated penetration testing of features scheduled for release, and will serve as a subject matter expert on our Secure Software Development Lifecycle. If you’re a top-notch communicator who wants to work on pilot programs, gain exposure to different technologies and mentor others within our organization, let’s chat!

    About Us:

    iCIMS extends a work culture unlike any other East Coast-based technology provider. We focus on hiring candidates who display our seven core competencies: passion, drive, transparency, adaptability, empathy, kaizen and customer commitment. If you eat, sleep, and breathe our competencies and desire to work in a casual yet results-driven environment that embraces innovation, then you’re just what we’re looking for!


    iCIMS is a high-growth Software-as-a-Service (SaaS) company that’s routinely voted one of the Best Places to Work in New Jersey. We are the industry's premier recruitment software provider, delivering technology that supports approximately 4,000 contracted customers around the globe. Committed to both growth and stability, we have a lot of opportunities for career advancement within our organization. Come grow with us—apply today!


    • Responsible for Manual Functional, Security, and Regression testing of features scheduled for release
    • Creates and maintains the Test Case Library, which can be run before every release by level II test engineers.
    • Helps set up test data or test environment for running test cases.
    • Reviews and verifies bug tickets within internal Bug Tracking Tool.
    • Creates and tracks defects in the bug tracking tool effectively.
    • Troubleshoots and helps address Security production tickets when routed to QA
    • Monitors project/feature implementation with an eye toward improving security.
    • Performs penetration and vulnerability assessments against projects/features, as necessary, and follows up to ensure that findings are properly addressed.
    • Manages the iCIMS third-party Security Testing for monitoring, creation and validation of security bugs.
    • Prepares documentation for enabling “Test Labs” for agile teams
    • Supports training and mentoring level I test engineers with iCIMS products and features as needed.
    • Consistently ensures that business is conducted with integrity at all times and that behavior aligns with iCIMS policies, procedures, and core competencies


    • Minimum of 4 years of software testing experience with web-based products. Must be familiar with the entire Software Development Life Cycle process
    • 2+ years of specialized security testing, techniques and tools
    • Must be familiar with static and dynamic code analysis methodologies and processes
    • Exposed to various automated tools for Security.
    • Familiarity with testing software written in various programming languages and technologies, including Java, SQL, HTML, JavaScript, and XML/XSL
    • Strong analytical and problem-solving skills
    • Strong communication & interpersonal skills
    • Self-motivated, able to learn and research issues independently
    • Proficient in a Windows and MS-SQL environment
    • Ability to apply risk-based methodologies to information security issues
    • Experience with vulnerability management tools such as or similar to Nessus, Rapid7, Qualys, Burp Suite, SAINT, etc.
    • Ability to leverage frameworks and standards such as SANS, NIST, ISO, and OWASP.

    EEO Statement:

    iCIMS is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, protected veteran status, disability status or any other characteristic protected by law.

