TN Visa Application Security Engineer Jobs
Application Security Engineer roles qualify for TN visa sponsorship under the USMCA's Computer Systems Analyst category when your duties center on identifying vulnerabilities, designing secure systems, and conducting threat analysis. Canadian citizens can apply at the border or a U.S. consulate without a lottery. Mexican citizens require a consulate appointment.
See All Application Security Engineer JobsOverview
Showing 5 of 52+ Application Security Engineer jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 52+ Application Security Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Application Security Engineer roles.
Get Access To All JobsCompany Description
About AbbVie
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience - and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on LinkedIn, Facebook, Instagram, X and YouTube.
Job Description
Become a key player in our Information Security team as a Senior Application Security Engineer, where you will leverage your expertise in application security, security engineering, and software development to support and enhance our inline code testing and reporting processes. This role involves the implementation and administration of application security tooling, integration into CI/CD pipelines, and providing support for development teams using these products and consuming their findings.
This position can be remote anywhere in the U.S.
Responsibilities:
- Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code and dependency vulnerabilities during the software development lifecycle.
- Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize and deduplicate findings from multiple solutions and integrate into software development processes.
- Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
- Integrating security tooling with Continuous Integration/Continuous Deployment (CICD) pipelines.
- Developing detailed reports on security findings and remediation efforts.
- Demonstrate high proficiency across a wide range of technologies and platforms related to application security, software design and development, containerization, and cloud environments.
- Communicate security risks and evangelize secure development practices to development teams and their management.
- Lean/understand vulnerabilities, triage security risks at scale in disparate application development environments and business units.
Qualifications
Bachelor’s Degree and 6 years’ experience OR Master’s Degree and 5 years’ experience OR PhD and 0 years’ experience.
- Experience in application security and software development
- Years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
- Extensive knowledge of secure coding practices across multiple programming languages (esp. Java, Node.js)
- Extensive experience integrating security testing into CICD pipelines
- Strong knowledge of application security principles along with common vulnerabilities (e.g., OWASP Top 10, CWE, etc.) and associated mitigations
- Experience implementing and scaling DevSecOps practices and tooling within large organizations
- Experience implementing DevSecOps workflows in cloud environments such as AWS and Azure
- Experience developing Infrastructure As Code (IAC) via solutions such as Terraform and/or CloudFormation
- Experience supporting developers with assessing and mitigating application security test findings
- Ability to effectively communicate technical findings to both technical and non-technical stakeholders
- Demonstrated ability to function as a principal engineer, generating original technical ideas and strategies. Demonstrated creative 'out of the box' thinking to solve difficult technical problems and champion new technologies to achieve program goals.
- Excellent written and oral English communication skills, as demonstrated by presenting at leading scientific or technical conferences.
- Experience coaching and supporting the development of junior engineers
Preferred:
- Experience implementing tooling to consolidate application security test findings from multiple sources to facilitate developer engagement and integrate with development workflows and tracking systems
- Experience administering Snyk and Endor Labs
- Experience integrating Cloud Security Posture Management (CSPM) tooling with application security pipelines
- Experience automating workflows via programming and scripting languages such as Python
- Experience building logging into DevSecOps pipelines to gain insights into pipeline performance
- Experience collaborating with vulnerability and risk management partners to interface with risk management and acceptance processes
Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
- The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
- We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
- This job is eligible to participate in our short-term incentive programs.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html
Company Description
About AbbVie
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience - and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on LinkedIn, Facebook, Instagram, X and YouTube.
Job Description
Become a key player in our Information Security team as a Senior Application Security Engineer, where you will leverage your expertise in application security, security engineering, and software development to support and enhance our inline code testing and reporting processes. This role involves the implementation and administration of application security tooling, integration into CI/CD pipelines, and providing support for development teams using these products and consuming their findings.
This position can be remote anywhere in the U.S.
Responsibilities:
- Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code and dependency vulnerabilities during the software development lifecycle.
- Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize and deduplicate findings from multiple solutions and integrate into software development processes.
- Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
- Integrating security tooling with Continuous Integration/Continuous Deployment (CICD) pipelines.
- Developing detailed reports on security findings and remediation efforts.
- Demonstrate high proficiency across a wide range of technologies and platforms related to application security, software design and development, containerization, and cloud environments.
- Communicate security risks and evangelize secure development practices to development teams and their management.
- Lean/understand vulnerabilities, triage security risks at scale in disparate application development environments and business units.
Qualifications
Bachelor’s Degree and 6 years’ experience OR Master’s Degree and 5 years’ experience OR PhD and 0 years’ experience.
- Experience in application security and software development
- Years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
- Extensive knowledge of secure coding practices across multiple programming languages (esp. Java, Node.js)
- Extensive experience integrating security testing into CICD pipelines
- Strong knowledge of application security principles along with common vulnerabilities (e.g., OWASP Top 10, CWE, etc.) and associated mitigations
- Experience implementing and scaling DevSecOps practices and tooling within large organizations
- Experience implementing DevSecOps workflows in cloud environments such as AWS and Azure
- Experience developing Infrastructure As Code (IAC) via solutions such as Terraform and/or CloudFormation
- Experience supporting developers with assessing and mitigating application security test findings
- Ability to effectively communicate technical findings to both technical and non-technical stakeholders
- Demonstrated ability to function as a principal engineer, generating original technical ideas and strategies. Demonstrated creative 'out of the box' thinking to solve difficult technical problems and champion new technologies to achieve program goals.
- Excellent written and oral English communication skills, as demonstrated by presenting at leading scientific or technical conferences.
- Experience coaching and supporting the development of junior engineers
Preferred:
- Experience implementing tooling to consolidate application security test findings from multiple sources to facilitate developer engagement and integrate with development workflows and tracking systems
- Experience administering Snyk and Endor Labs
- Experience integrating Cloud Security Posture Management (CSPM) tooling with application security pipelines
- Experience automating workflows via programming and scripting languages such as Python
- Experience building logging into DevSecOps pipelines to gain insights into pipeline performance
- Experience collaborating with vulnerability and risk management partners to interface with risk management and acceptance processes
Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
- The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
- We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
- This job is eligible to participate in our short-term incentive programs.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html
See all 52+ Application Security Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Application Security Engineer roles.
Get Access To All JobsTips for Finding TN Visa Sponsorship as an Application Security Engineer
Frame your credentials around systems analysis
TN approval for this role depends on fitting the Computer Systems Analyst category. Your resume and supporting letter should emphasize security architecture, threat modeling, and systems-level analysis rather than general IT support or network administration duties.
Request a detailed employer support letter
Ask your hiring manager to specify that your role requires analyzing and designing secure computer systems, not just executing security scans. A vague job description is the most common reason CBP officers push back on Application Security Engineer TN petitions.
Target employers experienced with visa sponsorship
Use Migrate Mate to filter Application Security Engineer roles by employers with recent visa filings. Employers experienced with visa sponsorship typically have legal teams familiar with work visa classifications and can move quickly through the TN sponsorship process at the port of entry or consulate.
Prepare your degree documentation before any interview
Your bachelor's degree in computer science, information security, or a related field must be ready to present at the port of entry. Canadian citizens traveling by land should carry certified transcripts, not just a diploma, since CBP can request verification on the spot.
Negotiate TN filing timing into your offer letter
Mexican citizens face a consulate appointment backlog that can extend several weeks. Build this into your start date negotiation so your employer understands the timeline before signing. A firm start date that assumes same-week processing creates problems for both sides.
Clarify your role scope if switching from a contractor position
If you are moving from a consulting arrangement to a full-time Application Security Engineer role, ensure the new offer letter clearly describes your duties as a direct employee. Third-party placement language in TN support letters draws additional scrutiny from CBP officers.
Application Security Engineer jobs are hiring across the US. Find yours.
Find Application Security Engineer JobsApplication Security Engineer TN Visa: Frequently Asked Questions
Does an Application Security Engineer role qualify for a TN visa?
Yes, provided your duties align with the Computer Systems Analyst category under USMCA. Roles focused on threat modeling, vulnerability assessment, secure software design, and security architecture typically qualify. Roles that are primarily network operations, help desk, or general IT administration are less likely to meet the specialty occupation criteria CBP applies when reviewing TN petitions.
How does TN compare to H-1B for Application Security Engineer roles?
TN has no annual lottery, no cap for Canadian citizens, and can be approved at the port of entry the same day for Canadians. H-1B requires employer sponsorship months in advance, entry into a randomized lottery, and USCIS petition processing. For qualified Canadian and Mexican professionals, TN is a faster and more predictable path to working as an Application Security Engineer in the United States.
Where can I find Application Security Engineer jobs that include TN visa sponsorship?
Migrate Mate lists Application Security Engineer roles specifically filtered for TN visa sponsorship, so you are not sorting through postings from employers unfamiliar with the USMCA process. Searching there lets you focus on companies that have already confirmed willingness to provide the employer support letter and documentation required for a TN application.
Can I apply for a TN visa as an Application Security Engineer if my degree is in a field other than computer science?
Degrees in information systems, software engineering, mathematics, or electrical engineering can support a TN application for this role if your coursework is substantially technical and your job duties map clearly to computer systems analysis. CBP officers evaluate the connection between your degree field and your actual responsibilities, so a strong employer support letter explaining that connection is essential.
What happens to my TN status if my employer switches security platforms or restructures my team?
A material change in your job duties, title, or employer entity can trigger the need for a new TN petition. If your core responsibilities as an Application Security Engineer remain the same, a platform switch alone does not require refiling. However, if your role shifts significantly toward network operations or management duties, you should consult an immigration attorney before the change takes effect.
See which Application Security Engineer employers are hiring and sponsoring visas right now.
Search Application Security Engineer Jobs