TQL

About the role:

As an Application Security Engineer at TQL, you’ll help design, implement and maintain security controls across the software development lifecycle. You’ll partner closely with engineering and product teams to ensure applications are secure by design, vulnerabilities are identified early and remediation efforts are driven without slowing development.

This role is ideal for someone passionate about secure coding, threat modeling and embedding security into modern CI/CD pipelines while enabling teams to move fast and safely.

What’s in it for you:

• Competitive compensation
• Opportunities to influence security practices across modern applications
• Exposure to cloud‑native and DevSecOps environments
• Advancement opportunities with aggressive and structure career paths
• Comprehensive benefits package
  • Health, dental and vision coverage
  • 401(k) with company match
  • Perks including employee discounts, financial wellness planning, tuition reimbursement and more
• Certified Great Place to Work and voted a 2019-2026 Computerworld Best Places to Work in IT 

What we’re looking for:

• 3+ years of experience in application security or software engineering
• A strong understanding of web application architectures and common vulnerabilities such as the OWASP Top 10
• Experience securing applications written in languages such as Java, C#, Python or JavaScript/TypeScript
• Hands‑on experience with application security testing tools such as Snyk, Veracode, Checkmarx, Burp Suite or OWASP ZAP
• Strong understanding of authentication and authorization mechanisms including OAuth, OIDC, JWT and SAML
• Familiarity with cloud environments such as AWS, Azure or GCP
• Ability to clearly communicate security risks and remediation guidance to both technical and non‑technical audiences
• Experience with DevSecOps practices is a plus
• Experience with container or Kubernetes security is a plus
• Security certifications such as OSCP or CEH are a plus

What you’ll be doing:

• Embed security practices throughout the software development lifecycle from design through deployment
• Perform application security testing including static, dynamic and dependency analysis
• Partner with engineering teams to triage, prioritize and remediate application vulnerabilities
• Conduct threat modeling and security architecture reviews for new and existing applications
• Develop and maintain secure coding standards and security guidelines
• Integrate application security tools into CI/CD pipelines
• Support incident response efforts related to application‑level vulnerabilities
• Stay current on emerging threats, vulnerabilities and security best practices
• Provide security guidance, training and mentorship to developers

Where you'll be: 4289 Ivy Pointe Boulevard, Cincinnati, Ohio 45245

Employment visa sponsorship is unavailable for this position. Applicants requiring employment visa sponsorship now or in the future (e.g., F-1 STEM OPT, H-1B, TN, J1 etc.) will not be considered.