Application Security Engineer
Company: Ryder System
Location: Boston
Posted on: February 1, 2026
|
|
|
Job Description:
Job Seekers can review the Job Applicant Privacy Policy by
clicking here (http://ryder.com/job-applicant-privacy-policy) . Job
Description : SUMMARY We seek a highly motivated and experienced
Application Security Engineer to join our growing security team.
This role is highly technical and candidates must possess a solid
understanding of the security and privacy of our company's
applications and data. The Application Security Engineer must
understand development, coding, security engineering, and secure
systems configurations. This position ensures that every step of
the software development lifecycle (SDLC) follows security best
practices. This involves conducting security assessments with SAST
and DAST tools, reading source code, threat modeling, and designing
and implementing secure software development practices. They will
determine where security vulnerabilities exist and implement fixes.
They must understand how an application may be misused and
exploited. The Application Security Engineer will collaborate with
software development teams and provide guidance on best practices
for secure coding. They will also stay up to date on the latest
security trends and technologies and integrate them into the
organization's security strategy. The ideal candidate will have
strong analytical and problem-solving skills, as well as experience
in application security and knowledge of programming languages and
web technologies. A Bachelor's degree in Computer Science and
certifications such as CISSP, OSCP, or CASE are preferred.
ESSENTIAL FUNCTIONS Conduct security assessments that require
expertise of our organization's applications using both Static
Application Security Testing (SAST) and Dynamic Application
Security Testing (DAST) methodologies. Collaborate with software
development teams to integrate security into the development life
cycle. Conduct security assessments of web, mobile, and other
applications. Analyze security assessment results to identify
security vulnerabilities and provide guidance on remediation.
Design and implement secure software development practices,
including threat modeling, secure coding standards, and code
review. Stay current with security threats, trends, and
technologies, and recommend new security controls as needed.
Conduct application security investigations and provide
recommendations to mitigate risk. Maintain security documentation,
provide subject matter expertise, and collaborate on security
policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES
Performs other duties as assigned. EDUCATION Bachelor's degree in
computer science, information security, or a related field
EXPERIENCE Five (5) years or more experience with OWASP, SAST,
DAST, SCA, RASP and common security tools, required. Seven (7)
years or more application security, security engineering, software
development, or a related field, required. Five (5) years or more
strong understanding of web application security and common attack
vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years
or more experience with secure coding practices, threat modeling,
and secure software development life cycle (SDLC) methodologies.
required Five (5) years or more proven experience in diagnosing,
isolating, resolving complex issues and recommending/implementing
strategies to resolve problems, required. Five (5) years or more
demonstrated experience with systems integration processes,
methodology and tools, required. Seven (7) years or more
development and scripting experience, required. Five (5) years or
more professional application security role, required. Five (5)
years or more experience with API and Web Security, required. Three
(3) years or more experience with WAF, or similar application
security infrastructure a plus, preferred. Seven (7) years or more
experience in integrating security in CI/CD, DevOps, required. Six
(6) years or more experience process or operation management Six
(6) years or more experience Value Stream Mapping, Continuous Flow,
Pull Replenishment and other process improvement experience. SKILLS
Excellent communication skills, both verbal and written, and the
ability to work effectively with cross-functional teams. Ability to
create and maintain professional relationships within all levels of
the organization (peers, work groups, customers, supervisors).
Ability to work independently and as a member of a team.
Flexibility to operate and self-driven to excel in a fast-paced
environment. Capable of multi-tasking, highly organized, with
excellent time management skills Proficiency in at least one
programming language (e.g. Python, .NET, Javascript) with .NET
preferred., advanced, required. Proficiency in at least one common
scripting language (e.g. PowerShell, bash, etc.), advanced,
required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX,
CCPA, GDPR and global regulations, expert, required. CI/CD
experience with Azure Devops, Terraform or other automation and
integration technologies, expert, required. Risk management
findings, vulnerability prioritization, threat modeling, and
mitigation strategy, advanced, required. LICENSES CISSP, OSCP,
CASE, or other industry-leading certifications, preferred. TRAVEL
1-10% Job Category: Information Security Compensation Information :
The compensation offered to a candidate may be influenced by a
variety of factors, including the candidate’s relevant experience;
education, including relevant degrees or certifications; work
location; market data/ranges; internal equity; internal salary
ranges; etc. The position may also be eligible to receive an annual
bonus, commission, and/or long-term incentive plan based on the
level and/or type. Compensation ranges for the position are below:
Pay Type : Salaried Minimum Pay Range: $110,000.00 Maximum Pay
Range: $130,000.00 Benefits Information: For all Full-time
positions only : Ryder offers comprehensive health and welfare
benefits, to include medical, prescription, dental, vision, life
insurance and disability insurance options, as well as paid time
off for vacation, illness, bereavement, family and parental leave,
and a tax-advantaged 401(k) retirement savings plan. Ryder is proud
to be an Equal Opportunity Employer and Drug Free workplace. All
qualified applicants will receive consideration for employment
without regard to race, religion, color, national origin, sex,
sexual orientation, gender identity, age, status as a protected
veteran, among other things, or status as a qualified individual
with disability. Important Note : Some positions require additional
screening that may include employment and education verification;
motor vehicle records check and a road test; and/or badging or
background requirements of the customer to which you are assigned.
Security Notice for Applicants: Ryder will only communicate with an
applicant directly from a [@ryder.com] email address and will never
conduct an interview online through a chat type forum, messaging
app (such as WhatsApp or Telegram), or via an online questionnaire.
During an interview, Ryder will never ask for any form of payment
or banking details and will never solicit personal information
outside of the formal submitted application through
www.ryder.com/careers . Should you have any questions regarding the
application process or to verify the legitimacy of an interview or
Ryder representative, please contact Ryder at careers@ryder.com or
800-793-3754. Current Employees : If you are a current employee at
Ryder, please click here
(http://wd5.myworkday.com/ryder/d/task/1422$3.htmld) to log in to
Workday to apply using the internal application process. Job
Seekers can review the Job Applicant Privacy Policy by clicking
here (http://ryder.com/job-applicant-privacy-policy) . \wd
Keywords: Ryder System, Nantucket , Application Security Engineer, IT / Software / Systems , Boston, Massachusetts
