Position: Systems Engineer III
Location: Canton, Ohio
Duration: Contract
Job ID: 177924
Job Overview:
The Application Security AI Engineer will augment the Application Security team by providing unified triage coverage across SCA (Software Composition Analysis), SAST (Static Application Security Testing), and DAST (Dynamic Application Security Testing) findings, threat intelligence escalations, and PatchNow Critical events. This role involves triage and code scan vulnerability management, as well as hands-on engineering support to test, evaluate, and implement AI-assisted security tooling. The engineer will also focus on strengthening software supply chain security, safeguarding developer IDEs, plugins/extensions, and workflows from malicious code and compromise.
Responsibilities:
- Provide unified application security triage coverage across SCA, SAST, and DAST findings, including validation of critical and high-risk vulnerabilities, false positive analysis, exploitability assessment, remediation guidance, and escalation support for findings that may impact production, internet-facing, or business-critical applications.
- Rapidly assess and coordinate responses for threat intelligence escalations and PatchNow Critical events, including scope analysis, owner routing, mitigation guidance, tracking, and closure verification.
- Monitor and analyze newly disclosed and novel vulnerabilities, including faster-moving disclosures influenced by frontier-model-enabled research, and produce actionable briefs that drive remediation plans.
- Engineer, test, and implement application security tooling that leverages frontier models or AI-enabled capabilities for vulnerability identification, code reasoning, triage acceleration, remediation recommendations, and analyst workflow automation while preserving human review, auditability, and secure use controls.
- Support company processes for evaluating and onboarding new AI capabilities, including technical proof-of-value execution, security testing, control validation, data handling review, model output evaluation, success metrics, and documentation needed for internal governance and approval pathways.
- Strengthen software supply chain security by helping secure open-source dependency selection, package intake, SBOM (Software Bill of Materials) and component visibility, malicious package detection, dependency health assessment, and policy enforcement across developer, pipeline, and artifact management workflows.
- Assess and improve developer IDE security, plugins/extensions, and developer workflows, including package managers, code-assist tools, and CI integrations, against malicious code, compromised extensions, and unsafe configurations.
Qualifications:
- Strong experience triaging SCA/SAST/DAST findings and managing high-severity escalations (threat intelligence and critical patch events) through remediation and closure.
- Engineering experience with scripting, automation, APIs, CI/CD workflows, developer tooling, or security platform integrations.
- Practical familiarity with AI-enabled security tools, frontier models, coding assistants, prompt and tool orchestration, model evaluation, or AI governance processes.
- Experience securing the software supply chain and developer tooling (IDEs, plugins/extensions, package managers, CI/CD integrations) against compromise and malicious code.
- Ability to translate technical vulnerability findings into clear remediation guidance, risk summaries, and prioritization recommendations for development and security stakeholders.
About PTR Global: PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit www.ptrglobal.com
At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to:
- Pay any fee to be considered for, submitted to, or selected for any opportunity.
- Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process.
- Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup.
Pay Range: $60 - $69/hour on W2
The specific compensation for this position will be determined by several factors, including the scope, complexity, and location of the role, as well as the cost of labor in the market; the skills, education, training, credentials, and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits, including medical, dental, vision, and 401K contributions, as well as PTO, sick leave, and other benefits mandated by applicable state or localities where you reside or work.
If you receive a suspicious message, email, or phone call claiming to be from PTR Global, do not respond or click on any links. Instead, contact us directly at +1 214-740-2424. To report any concerns, please email us at legal@pinnacle1.com.
Pinnacle Technical Resources