0200 Ares Operations LLC · New York, NY

AppSec Security Engineer

Full-timeNew York, NYPosted 2026-07-08Apply on Workday

Full job description

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.

Job Description

Job Family: Cybersecurity Engineering

REPORTING RELATIONSHIPS

Reports to: Cybersecurity Engineering Manager

Direct Reports: None

POSITION SUMMARY STATEMENT

We are seeking an experienced Application Security Engineer to build, mature, and scale our AppSec program. In this role, you will embed directly with our Product and Engineering teams to secure both our third-party SaaS applications and our home-grown applications. You will serve as a trusted security consultant and a hands-on engineer. You will review complex API designs, threat model new features, and build custom security tooling. You will play a critical role in defining security development standards from scratch and automating security controls directly into our CI/CD pipelines.

We’re seeking someone who is excited to bring an automation-first mindset and who knows how to balance developer needs with risk-informed pragmatism. You will bridge security, development and operation cultures by translating between development who want speed, security teams who want safety, and operation teams who want stability.

We value diverse backgrounds, perspectives, and experiences, and we are committed to building a team where everyone feels they belong. We especially encourage candidates from underrepresented communities in cybersecurity and technology to apply. Our interview process focuses on problem-solving ability, practical skills, and collaborative mindset.

DETAILED RESPONSIBILITIES/DUTIES

You will help advance our automation‑first engineering strategy by designing and maintaining the foundational systems that enable secure, reliable, and scalable software delivery across the organization.

Engineering and Development

  • Pipeline Integration: Embed SAST, SCA, DAST, container/IaC scanning, and secret detection tools into pipelines for home-grown apps.
  • Infrastructure as Code: Develop secure IaC patterns using Terraform, Helm, and Kustomize.
  • Build Security Tooling: Partner with engineering teams to establish and champion secure coding standards, creating reusable security patterns and libraries that make it easier for developers to build securely by default
  • AI-empowered Review Assistance: Integrate and leverage AI agents to help increase velocity for the security team and the overarching engineering org to ensure that we are proactive in minimizing risk while we build products

Architecture & Design Consultation

  • Security Design & Threat Modeling: Lead security design and threat modeling sessions based on OWASP Top 10 and Mitre & Attack with Product and Engineering teams during early software design phases
  • API Security Evaluation: Review API designs and integrations to eliminate authentication anti-patterns, token mismanagement, and injection risks.
  • Cloud & Container Security: Define and validate security controls for Azure and Kubernetes to mitigate application-layer risks.

Collaboration & Governance

  • Program Maturation: Define AppSec coverage, tooling, and assessment processes from scratch across our application landscape. Own and evolve our application security program including establishing and maintaining SAST/DAST scanning in CI/CD pipelines, conducting security code reviews for critical changes, and building automation that catches vulnerabilities before they reach production
  • Stakeholder Management: Partner with engineering  teams and stakeholders to remediate vulnerabilities and drive long-term improvements in secure coding practices
  • Risk Communication: Translate complex security risks into clear, actionable engineering requirements for development teams

SUPERVISORY RESPONSIBILITIES

None

Required Qualifications

  • Proficient in SAST/SCA/DAST, container/IaC scanners, and secret scanning into pipelines
  • Hands-on with one or more CI/CD stacks (GitHub Actions, GitLab CI, Azure DevOps, Jenkins)
  • Proficient in Terraform/IaC, Kubernetes, and cloud provider security (Azure preferred)
  • Significant hands-on application security experience, , including expert knowledge of established standards (OWASP Top 10, API Security Top 10, OWASP LLM Top 10) and how common vulnerability classes manifest in production systems
  • Strong Threat modeling and security review experience with Product and Engineering teams
  • Experience building security tooling or automation (scripts, pipelines, libraries)
  • Familiarity with Azure and Kubernetes security controls as they relate to application-layer risks
  • Demonstrated experience reviewing API designs and implementations for auth anti-patterns, token mismanagement, injection risks, and sensitive data exposure
  • Experience building or maturing an AppSec program where coverage, tooling, or process needed to be defined from scratch
  • Familiarity with OIDC workload identity, artifact registries, and software supply chain controls
  • Clear communicator who can translate risk into engineering work

Preferred Qualifications

  • Built policy gates with OPA/Gatekeeper or Kyverno; authored custom policies.

Education

  • Bachelor’s degree, relevant technical training, or equivalent hands-on experience. We welcome candidates with nontraditional educational paths.
  • Azure Security Certification is preferred
  • Advanced certifications in cloud and AI security are a plus.

LEADERSHIP REQUIREMENTS

  • Strong sense of ownership, accountability, and attention to detail.
  • Ability to manage competing priorities and deliver results in a dynamic environment while maintaining healthy work practices.
  • Proven track record of developing and maintaining structured processes that support efficiency, scalability, and rapid business growth.
  • Inclusive leadership style; ability to work effectively with collaborators who have diverse backgrounds, communication styles, and technical strengths.
  • Curiosity and a growth mindset, with the ability to adapt approaches to evolving technology landscapes.
  • Strong communication skills for bridging technical and business perspectives.
  • Role requires occasional coordination with global teams; we support flexible scheduling to accommodate individual needs.
  • The team supports different communication and work styles.

Why Join Us

You will have the opportunity to define foundational controls for rapidly expanding cloud and AI environments, influence enterprise-wide security strategy, and collaborate with highly skilled engineering and security teams across the organization. Your work will directly safeguard the platforms that power next-generation innovation in one of the industry’s most dynamic environments.

We are committed to equitable hiring. Candidates may qualify through a combination of education, training, lived experience, or self-directed learning. If you’re excited about the role but don’t meet every listed requirement, we encourage you to apply.

Reporting Relationships

Principal, Cybersecurity Platform Engineering

Compensation

The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role.

$240,000 - $270,000

The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit.

Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more.

There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.

Apply with Jobeezy (recommended)
We read the posting, score your fit, and submit through 0200 Ares Operations LLC's real system for you. One tap from the app.

Questions about this AppSec Security Engineer role

Is the AppSec Security Engineer role at 0200 Ares Operations LLC still open?
Yes — this posting is active and accepting applications through 2026-08-07. Listings can close once filled, so apply soon.
Where is the AppSec Security Engineer job at 0200 Ares Operations LLC located?
This role is based in New York, NY.
How do I apply for the AppSec Security Engineer role at 0200 Ares Operations LLC?
Apply directly through 0200 Ares Operations LLC's official hiring system, or let the Jobeezy app fill out and submit the application for you automatically.
Does Jobeezy apply to jobs for me?
Yes. Jobeezy can auto-apply to roles like this AppSec Security Engineer position on your behalf — you set your preferences once and confirm, and it handles the rest.

Similar open roles

Administrative Coordinator, Mid

631 Booz Allen Hamilton_United States
Workday
Location
Rome, NY
Type
Full-time
View role →

Cloud Cybersecurity Engineer

631 Booz Allen Hamilton_United States
Workday
Location
Rome, NY
Type
Full-time
View role →

Help Desk Specialist

631 Booz Allen Hamilton_United States
Workday
Location
Rome, NY
Type
Full-time
View role →

Delivery Driver (non CDL)

Asphalt Buyer II LLC
Workday
Location
Edgewood, NY
Type
Full-time
View role →

Investment Compliance Engineering Lead

0200 Ares Operations LLC
Workday
Location
New York, NY
Type
Full-time
View role →
Workday
Location
New York, NY
Type
Full-time
View role →

See all open roles →

Get Jobeezy

Want more AppSec Security Engineer roles? Let Jobeezy apply for you.

Free to start. No resume writing. No cover letters. We handle the search, the filter, and the apply — you just say yes to interviews.

Free on Android. You can delete your account in one tap.