Senior Application Security Engineer

Job description

ADP is hiring a Senior Application Security Engineer in our Alpharetta, GA office. This is a hybrid role. Overview: We are seeking a Senior Application Security Engineer to secure our software supply chain by assessing, governing, and mitigating risks associated with open-source software. This role partners closely with engineering, DevOps, and security teams to drive secure OSS adoption at scale. What You’ll Do: - Generate and analyze SBOMs and conduct OSS security assessments using tools like Snyk and Syft. - Evaluate and onboard security tools through POCs. - Build and operate cloud-based data pipelines to identify vulnerabilities, license risks, and supply chain threats. - Develop dashboards and reports to communicate security risk to engineering teams and leadership. - Design and integrate OSS security tooling, including JFrog Artifactory/Xray or Sonatype Nexus/Lifecycle. - Partner with engineering teams to guide secure open-source usage and remediation. - Support incident response efforts, including zero-day vulnerability management. - Create OSS security standards, documentation, and training materials. Experience You’ll Need: - 7+ years of experience in cybersecurity, appli...