The Application Security Engineer will support the organization’s efforts to identify and remediate application security risks, evangelize security best practices, and help educate the larger engineering team on security fundamentals. You will work with various teams (Software, Architecture, DevOps, Quality and more..) to support security at all stages of the software development life cycle.
Additional Responsibilities
Skills - Experience and Requirements
Qualifications
A successful Security Engineer will have the following:
· 5+ years of professional software development experience. Experience with Node.js, Java and/or Spring is preferred.
· 5+ years of application security and secure coding experience in large scale environments.
· Thorough understanding of the OWASP Top 10 and SANS / CWE Top 25 coding standards.
· Significant experience with securing and integrating with cloud-based managed services.
· Proven ability to improve security posture in existing legacy applications as well as define greenfield application security strategies.
· Experience developing or supporting internet-facing web applications or services.
· Solid understanding of security concepts and secure coding techniques.
· Experience using static analysis tools such as WhiteHat, Fortify or CheckMarx.
· Ability to align and/or prioritize security goals with business goals.
· BS/MS in Computer Science (or equivalent experience)
· Technical aptitude and critical thinking skills, the ability to come up with creative outside-of-the-box solutions.
· Strong written and verbal communication skills – including the ability to translate the impact of complex security risks/concerns to the senior IT executive leadership team.
· Understanding of US regulations and data-protection guidelines and standards.
· Some leadership experience (getting projects/tasks done leading a small team)
· CSSLP, CISSP, CISM or other relevant information security industry certification preferred.
·
Skills - Experience and Requirements
A successful Security Engineer will have the following
Skills/Requirements Essential •4+ years’ experience auditing and applying control processes to network, wireless and applications • Computer experience • Ability to apply knowledge by reading and interpreting regulations to formulate real world controls •Bachelor’s Degree in business or computer related field or equivalent experience Desired Qualifications: • Experience in a fast-paced, ever-changing and growing environment • Experience with basic programming language
your information will be kept confidential according to EEO guidelines.