Application Security Engineer - Cyber Security
Job Description:
Position Overview
The primary responsibility of the Application Security Engineer – Cyber Security is to design, implement, and support the company’s overall information security infrastructure. This engineer sits at the intersection of application security, platform engineering, and AI-assisted development to embed security directly into modern AI-driven development workflows, ensuring secure, scalable software delivery while maintaining development velocity.
All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.’s policies, practices, and procedures. All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company’s standards, work requirements and rules of conduct.
Essential Duties & Responsibilities
Partner with platform, data, and application engineering teams to build a casino management platform
Integrate security into AI-assisted software development workflows
Work within GitHub for code reviews, PR approvals, and security validation
Perform hands-on threat modeling with a practical, modern approach (beyond traditional frameworks like STRIDE)
Automate and enhance security scanning and vulnerability detection
Implement and refine risk-based security gates within CI/CD pipelines
Participate in sprint stand-ups, architecture/design discussions, and security reviews and planning sessions
Evaluate and integrate security tooling into development and AI pipelines
Configures, implements, and troubleshoots a wide variety of cyber security devices
Implement and maintain cyber tools
Monitor and respond to output from cyber tools’ health
Tune tools for optimum performance and business focused monitoring
Configure and troubleshoot security infrastructure devices
Capacity planning for cyber devices
Respond to events/incidents with knowledge, efficiency, and professionalism
Create and participate in cyber security practice exercises
Identify and define system security requirements for a heterogeneous computing environment (Microsoft, IBM, Linux, proprietary OS, Industrial Control Systems)
Design cyber security architecture in accordance with IT architects and current and forward-looking network design
Create, develop, and maintain detailed cyber security design documentation
Prepare, document, and maintain standard operating procedures and protocols
Configure and troubleshoot cyber security devices
Submit and respond to tickets from an automated ticketing system
Prepare change management items and participate in the Change Approval Board (CAB) meetings
Create and maintain metrics
Participate in incident response activities
Create various types of reports and present to a varied audience
Perform job duties in a safe manner
Attend work as scheduled on a consistent and regular basis
Perform other related duties as assigned
Minimum Qualifications
At least 21 years of age
Proof of authorization to work in the United States
Bachelor’s degree in Computer Science or related field or 3 years of experience in cyber security or information technology.
Must be able to obtain and maintain any certification or license, as required by law or policy
Strong experience with CI/CD pipeline engineering and security integration
Hands-on experience with AI-assisted development tools and workflows (e.g., agents, code generation)
Proficiency with GitHub Copilot and familiarity with Claude Code and other AI tools
Practical experience in application security and threat modeling (beyond theoretical frameworks)
Ability to review code (PRs) from a security perspective and articulate risk and impact
Experience integrating security scanning tools into development pipelines
Understanding of risk-based security controls and enforcement (security gates)
Experience in at least 4 of the following:
System Administration
Network Administration
Installing and implementing security appliances
Capacity planning
Network architecture
Cyber forensics
Data Loss Prevention
Firewall administration
IDS/IPS installation, implementation and maintenance
Vulnerability and security configuration scanning
Vulnerability and configuration exploit software
Anti-virus an anti-malware hardware and software
SIEM installation, implementation and maintenance
Cyber incident response
Secure configuration management
Threat intelligence
Metrics development
Problem solving skills and the ability to work under pressure in a constantly changing environment
Ability to manage deadlines and changing priorities
Must be self-motivated and a team player collaborating with a team that spans the globe
Demonstrates responsibility and accountability
Must be able to communicate effectively with team members, management, senior management and consultants both verbally and in writing
Must be able to create and document network and system diagrams
Must be able to write understandable procedures
Must be able to respond to calls as needed (24/7)
Must be able to design, install and implement cyber infrastructure solutions that integrate with the existing infrastructure
Ability to demonstrate a calm demeanor when faced with chaotic circumstances
Knowledge of networking concepts and principles
Effective written and verbal communication skills in English
Experience integrating security tool stacks into AI/ML pipelines is preferred
Strong soft skills and developer empathy; ability to balance security rigor with engineering velocity is preferred
Physical Requirements
Must be able to:
Physically access assigned workspace areas with or without reasonable accommodation
Work remotely as necessary
Work indoors and be exposed to various environmental factors such as, but not limited to, CRT, noise, and dust
Utilize laptop and standard keyboard to perform essential functions of the job