Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead application security initiatives and enhance secure development practices globally.
- Company: Trimble connects the physical and digital worlds, transforming industries with innovative technology.
- Benefits: Enjoy remote work flexibility, diverse culture, and opportunities for professional growth.
- Why this job: Be a key player in shaping security strategies and making a real impact across engineering teams.
- Qualifications: 5+ years in application security with expertise in SCA and SAST tools; strong communication skills required.
- Other info: Join a diverse team committed to inclusivity and equal opportunity.
The predicted salary is between 48000 - 84000 ยฃ per year.
Senior Application Security Engineer page is loaded
Senior Application Security Engineer
Apply locations UK – Remote Germany – Remote Romania – Remote Poland – Remote time type Full time posted on Posted Yesterday job requisition id R51049
Your Title: Senior Application Security Engineer
Job Location : UK – Remote, Germany – Remote, Poland – Remote OR Romania – Remote
About the Role:
Trimble is seeking a highly experienced and passionate Senior Application Security Engineer to lead our Software Composition Analysis (SCA) and Static Application Security Testing (SAST) initiatives, with a primary focus on driving the strategic implementation and optimization of our SCA tool. This is a pivotal, corporate-level role for an individual who isn\’t just an expert in application security tooling but is also a visionary leader capable of shaping our organization\’s approach to open-source security and secure development practices across a global engineering footprint.
You\’ll be instrumental in evolving our application security posture, acting as a subject matter expert and a champion for best practices within our diverse engineering teams. Your deep technical expertise, combined with strong communication and leadership skills, will enable us to maximize the value derived from our SCA tool investment and further embed security into our software development lifecycle. This role requires the ability to drive strategy and solutions that benefit the vast majority of our engineering teams , ensuring scalable and effective security measures before addressing niche requirements.
Key Responsibilities:
-
SCA and SAST Leadership & Global Strategy:
-
Serve as the primary technical lead and subject matter expert for SCA across Trimble, including SAST (if applicable);
-
Drive the strategic vision, roadmap, and continuous improvement of our SCA implementation at an enterprise level, focusing on solutions that scale to 99% of our engineering teams globally;
-
Lead the integration of SCA into our CI/CD pipelines, build systems, and development workflows for various technology stacks (e.g., .NET, Java, Python, JavaScript, Go, etc.);
-
Optimize our SCA policies, rules, and configurations to reduce false positives, increase accuracy, and align with Trimble\’s risk appetite across diverse product portfolios;
-
Develop and implement strategies for managing and remediating open-source vulnerabilities and license compliance issues identified by our SCA tool, considering the varied needs of a global organization;
-
Champion the adoption of SCA across all development teams through scalable training programs, comprehensive documentation, and strategic support models;
-
Stay current with our SCA tools features, updates, and best practices, proactively recommending and implementing enhancements that benefit the broader engineering organization.
-
-
Application Security Program Enhancement:
-
Collaborate with development teams, architects, and product owners globally to embed security best practices throughout the SDLC;
-
Provide expert guidance and hands-on support for vulnerability remediation efforts across various applications;
-
Develop and deliver security training and awareness programs tailored to developer needs at scale, with a strong focus on SCA and SAST;
-
Contribute to the selection, evaluation, and implementation of other application security tools and processes as needed;
-
Participate in security reviews, threat modeling, and architecture discussions to identify and mitigate security risks early in the development process;
-
Advise on secure coding guidelines and standards.
-
-
Operational Excellence:
-
Establish and report on key metrics and KPIs related to SCA and SAST program effectiveness for the entire organization;
-
Automate security processes and tooling where possible to improve efficiency and scalability;
-
Respond to security incidents related to application vulnerabilities and provide expert analysis and remediation guidance;
-
Mentor junior security engineers and provide technical leadership within the security team.
-
Required Qualifications
-
Bachelor\’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience;
-
5+ years of progressive experience in application security, with a strong focus on secure software development lifecycle (SSDLC);
-
Demonstrable expert-level experience (5+ years) specifically implementing, configuring, tuning, and optimizing SCA for large, complex organizations. This includes deep expertise with SCA and a strong understanding of its integration capabilities;
-
Proven experience with other SAST tooling (e.g., Checkmarx, SonarQube, Fortify, Veracode) and a strong understanding of their principles and challenges;
-
Hands-on experience integrating security tools into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI, GitHub Actions);
-
Strong understanding of common application security vulnerabilities (OWASP Top 10, CWE) and their exploitation and remediation;
-
Proficiency in at least one major programming language (e.g., Java, C#, Python, JavaScript, Go);
-
Experience working in agile development environments;
-
Exceptional communication, presentation, and interpersonal skills, with the ability to articulate complex technical concepts and strategic initiatives to a wide (global) audience of engineers and product owners;
-
Proven ability to drive strategy and influence change at an organizational level, focusing on broad solutions that impact a significant majority of engineering teams;
-
Proven ability to lead and influence cross-functional teams without direct authority.
About Trimble:
Trimble is transforming the way the world works by delivering products and services that connect the physical and digital worlds. Core technologies in positioning, modeling, connectivity and data analytics enable customers to improve productivity, quality, safety and sustainability. From purpose built products to enterprise lifecycle solutions, Trimble software, hardware and services are transforming a broad range of industries such as agriculture, construction, geospatial and transportation and logistics.
Trimbleโs Inclusiveness Commitment
We believe in celebrating our differences. That is why our diversity is our strength. To us, that means actively participating in opportunities to be inclusive. Diversity, Equity, and Inclusion have guided our current success while also moving our desire to improve. We actively seek to add members to our community who represent our customers and the places we live and work.
We have programs in place to make sure our people are seen, heard, and welcomed and most importantly that they know they belong, no matter who they are or where they are coming from.
Trimble is proud to be an Equal Opportunity and Affirmative Action Employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation,status as a covered veteran in accordance with applicable federal, state and local laws, or any other protected factor. EOE/M/F/V/D
Trimbleโs Privacy Policy
#J-18808-Ljbffr
Senior Application Security Engineer employer: Trimble
Contact Detail:
Trimble Recruiting Team
StudySmarter Expert Advice ๐คซ
We think this is how you could land Senior Application Security Engineer
โจTip Number 1
Familiarise yourself with the specific SCA and SAST tools mentioned in the job description, such as Checkmarx and SonarQube. Understanding their functionalities and how they integrate into CI/CD pipelines will give you a significant edge during discussions.
โจTip Number 2
Highlight your experience in leading cross-functional teams and driving strategy at an organisational level. Be prepared to share examples of how you've influenced change and improved security practices in previous roles.
โจTip Number 3
Stay updated on the latest trends and best practices in application security, particularly around open-source vulnerabilities and secure coding guidelines. This knowledge will not only help you in interviews but also demonstrate your commitment to continuous learning.
โจTip Number 4
Prepare to discuss your approach to developing training programs for developers on SCA and SAST. Being able to articulate how you would champion security best practices across diverse engineering teams will showcase your leadership capabilities.
We think you need these skills to ace Senior Application Security Engineer
Some tips for your application ๐ซก
Tailor Your CV: Make sure your CV highlights your experience in application security, particularly with SCA and SAST. Use specific examples that demonstrate your expertise and how you've driven security initiatives in previous roles.
Craft a Compelling Cover Letter: In your cover letter, express your passion for application security and your vision for enhancing security practices. Mention how your leadership skills can contribute to Trimble's goals and the importance of embedding security into the software development lifecycle.
Showcase Relevant Skills: Clearly outline your technical skills related to SCA tools, CI/CD integration, and secure coding practices. Highlight your proficiency in programming languages and any experience with agile development environments.
Demonstrate Communication Skills: Since this role requires strong communication abilities, provide examples of how you've effectively communicated complex technical concepts to diverse teams. This could include training sessions, presentations, or documentation you've created.
How to prepare for a job interview at Trimble
โจShowcase Your Technical Expertise
As a Senior Application Security Engineer, it's crucial to demonstrate your deep understanding of SCA and SAST tools. Be prepared to discuss specific experiences where you've implemented or optimised these tools in previous roles, highlighting the impact on security posture.
โจCommunicate Clearly and Confidently
Strong communication skills are essential for this role. Practice articulating complex technical concepts in a way that is accessible to non-technical stakeholders. This will show your ability to bridge the gap between engineering teams and management.
โจPrepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world scenarios. Prepare examples of how you've handled security vulnerabilities or integrated security practices into development workflows, focusing on your strategic approach and outcomes.
โจDemonstrate Leadership Qualities
This role requires influencing change across teams without direct authority. Be ready to share examples of how you've led initiatives or mentored others in application security, showcasing your ability to drive strategy and foster collaboration.
