Senior Cyber Security Engineer – Application Security

Senior Cyber Security Engineer – Application SecurityLocation: San Pedro Sula, Honduras or Panama Workplace: Hybrid (Remote 1 day/week after 4 months) | Travel: Up to 20% international Full-Time | 5+ Years Experience RequiredUnique Vacations Inc. is seeking a highly skilled and motivated Senior Cyber Security Engineer – Application Security to join our Information Security team. This pivotal role is responsible for designing, implementing, and maintaining robust security frameworks that protect our enterprise applications and ensure compliance with industry and regulatory standards.As a senior member of our AppSec team, you’ll work closely with developers, architects, and cross-functional teams to embed security into every phase of the software development lifecycle (SDLC), lead secure coding initiatives, and shape our DevSecOps strategy. Key ResponsibilitiesChampion security best practices across engineering and development teams.Integrate security tools (SAST, DAST, SCA, IaC scanners) into CI/CD pipelines.Lead or support a Security Champions program to enhance AppSec maturity.Collaborate with incident response teams for application-layer investigations.Conduct threat modeling, vulnerability assessments, and root cause analyses.Provide hands-on guidance and training for secure coding practices.Evaluate and implement tools for secrets detection, runtime protection, and more.Track and report on key AppSec metrics and remediation timelines.Ensure alignment with regulatory standards (GLBA, PCI-DSS, GDPR, etc.).Act as a security SME across application and infrastructure projects.Continuously assess and enhance the cybersecurity posture using NIST or similar frameworks. What We’re Looking For5+ years in application security or a similar cybersecurity engineering role.In-depth knowledge of SSDLC and secure CI/CD practices.Proficient in AppSec testing techniques: SAST, DAST, SCA, IAST.Expertise in vulnerability classes (OWASP Top 10, CWE) and threat modeling.Familiarity with cloud platforms: AWS, Azure, or GCP.Hands-on experience with tools like Snyk, Checkmarx, Veracode, OWASP ZAP, Burp Suite.Strong understanding of secure API development and secrets management.Experience with container and infrastructure security (Docker, Kubernetes, Terraform).Ability to communicate security risks effectively to technical and non-technical stakeholders.Experience mentoring development teams and leading secure coding initiatives. Preferred Certifications (One or More)OSWE, GWAPT, GWEB, GPENCSSLP, CISSP, CISM, CEHAWS/Azure/GCP Security Specialty EducationBachelor’s degree in Computer Science, Cybersecurity, or a related field (preferred).If you're passionate about application security, DevSecOps, and working collaboratively to protect and strengthen digital ecosystems, we invite you to apply and be part of our mission.