Application Security Engineer Jobs in USA with Visa Sponsorship
Application Security Engineer roles are among the most consistently sponsored positions in tech. Most employers file H-1B or O-1 petitions for these roles, and a relevant bachelor's degree in computer science, cybersecurity, or a related field satisfies the specialty occupation requirement with minimal friction. For detailed occupation requirements, see the O*NET profile.
See All Application Security Engineer JobsOverview
Showing 5 of 214+ Application Security Engineer jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 214+ Application Security Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Application Security Engineer roles.
Get Access To All JobsAbout Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters.
Application Security Developer
Location: Sacramento, CA 95814-Onsite
Rate Range: $70 to $75 hr C2C or $60 to $62 hr W2 All Inc but flexible
Required Skills:
- Application Security: Intermediate
- NIST Cyber Security Framework: Foundation
- Security And Privacy By Design: Foundation
- Threat modeling, security by design: Foundation
Role Description: The candidate will drive secure practices for application security development, proactively identify and remediate vulnerabilities, and support the team in aligning with government and industry security standards. The ideal candidate should have robust background in cybersecurity delivery for government agencies and hands-on experience with leading security tools.
Key Responsibilities:
- Serve as the functional lead overseeing security design and assessment of application changes and cloud security solutions for client projects.
- Evaluate, design, and implement security controls in alignment with government security requirements and best practices.
- Hands-on experience with Fortify, Snyk, Invicti, and BurpSuite, ensuring comprehensive scanning, remediation, and reporting.
- Provide expert guidance on secure solution architecture within AWS, supporting large-scale deployments for regulated environments.
- Conduct risk assessments, code reviews, penetration testing, and ensure ongoing compliance with federal and state standards.
- Knowledge of secure coding in Java, C++, C, and JavaScript specifically for vulnerability identification and remediation.
- Strong cross-team communication: prior client-facing roles, stakeholder engagement, and direct SDLC integration.
Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment.
About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters.
Application Security Developer
Location: Sacramento, CA 95814-Onsite
Rate Range: $70 to $75 hr C2C or $60 to $62 hr W2 All Inc but flexible
Required Skills:
- Application Security: Intermediate
- NIST Cyber Security Framework: Foundation
- Security And Privacy By Design: Foundation
- Threat modeling, security by design: Foundation
Role Description: The candidate will drive secure practices for application security development, proactively identify and remediate vulnerabilities, and support the team in aligning with government and industry security standards. The ideal candidate should have robust background in cybersecurity delivery for government agencies and hands-on experience with leading security tools.
Key Responsibilities:
- Serve as the functional lead overseeing security design and assessment of application changes and cloud security solutions for client projects.
- Evaluate, design, and implement security controls in alignment with government security requirements and best practices.
- Hands-on experience with Fortify, Snyk, Invicti, and BurpSuite, ensuring comprehensive scanning, remediation, and reporting.
- Provide expert guidance on secure solution architecture within AWS, supporting large-scale deployments for regulated environments.
- Conduct risk assessments, code reviews, penetration testing, and ensure ongoing compliance with federal and state standards.
- Knowledge of secure coding in Java, C++, C, and JavaScript specifically for vulnerability identification and remediation.
- Strong cross-team communication: prior client-facing roles, stakeholder engagement, and direct SDLC integration.
Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment.
How to Get Visa Sponsorship as an Application Security Engineer
Target security-mature employers
Companies with dedicated security teams, large fintechs, cloud providers, defense contractors, and healthcare systems, are far more likely to sponsor than startups where security is still a shared responsibility. Sponsorship infrastructure already exists at these organizations.
Get certified before you apply
OSCP, CISSP, CEH, or AWS Security certifications meaningfully strengthen your H-1B petition. USCIS scrutinizes specialty occupation claims, and certifications alongside your degree reduce the risk of a Request for Evidence on this role.
Lead with technical depth in your resume
Vague descriptions like 'performed security assessments' won't land interviews. Specify tools, frameworks, and measurable outcomes. Employers filing visa petitions want documented evidence of specialized expertise, not generalist security experience.
Understand your degree field matters
A computer science, cybersecurity, or software engineering degree maps cleanly to this role. Degrees in unrelated fields require stronger supporting evidence, work history, certifications, and employer attestation, to satisfy the specialty occupation standard.
Don't overlook cap-exempt employers
Universities, nonprofit research institutions, and government-affiliated labs are cap-exempt H-1B employers. If you miss the lottery, these organizations can file for you year-round. Application security roles exist across all of them.
Time your application cycle strategically
H-1B registration opens in March. Starting your job search in December through February gives employers enough lead time to register on your behalf. Late outreach significantly reduces your chances of being included in that cycle.
Application Security Engineer jobs are hiring across the US. Find yours.
Find Application Security Engineer JobsSee all 214+ Application Security Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Application Security Engineer roles.
Get Access To All JobsFrequently Asked Questions
Does Application Security Engineer qualify as a specialty occupation for H-1B purposes?
Yes. Application security engineering consistently qualifies as a specialty occupation because the role requires at minimum a bachelor's degree in computer science, cybersecurity, information systems, or a closely related field. USCIS has approved H-1B petitions for this title extensively, and the technical complexity of the work supports the specialty occupation argument well.
How common is visa sponsorship for Application Security Engineer roles?
Sponsorship is relatively common for this title compared to many other tech roles. Security talent is scarce, and employers filing LCAs for security engineers appear regularly in Department of Labor disclosure data. Mature tech companies, financial institutions, and large healthcare organizations account for the majority of filings. You can browse currently sponsoring employers on Migrate Mate.
My degree is in a field unrelated to security or computer science. Can I still get an H-1B for this role?
It's harder but not disqualifying. USCIS allows three years of progressive, specialized work experience to substitute for one year of formal education. If your degree field is unrelated, you'll need strong documentation: detailed employer letters, a credentials evaluation, and certifications like OSCP or CISSP that demonstrate specialized knowledge. A Request for Evidence is more likely in this scenario.
Is the O-1A a realistic alternative to the H-1B for application security engineers?
For engineers with a strong track record, yes. Published research, CVE discoveries, conference presentations at DEF CON or Black Hat, open-source tool contributions with measurable adoption, or significant media coverage of your security work can each satisfy O-1A criteria. It requires documented evidence, but security professionals often have more qualifying material than they realize.
What should I expect during the H-1B petition process for this role?
Expect your employer to file a Labor Condition Application with the DOL before submitting Form I-129 to USCIS. For application security roles, Requests for Evidence sometimes challenge the specialty occupation determination or the connection between your degree field and the specific job duties. Premium processing, which adjudicates within 15 business days, is worth requesting to reduce uncertainty.
What is the prevailing wage requirement for sponsored Application Security Engineer jobs?
U.S. employers sponsoring a visa must pay at least the prevailing wage, which is what workers in the same role, area, and experience level typically earn. The Department of Labor sets this rate to make sure companies aren't hiring foreign workers simply because they'd accept lower pay than a U.S. worker. It varies by job title, location, and experience. You can look up current prevailing wage rates for any occupation and location using the OFLC Wage Search page.
See which Application Security Engineer employers are hiring and sponsoring visas right now.
Search Application Security Engineer Jobs