Application Security Engineer

About the job

Responsibilities:

  • Assist software development teams with understanding and remediating automated scan results of software source code as well as penetration testing
  • Assist the Business Unit Security Officers in the risk assessment process by assessing application risks and providing security recommendations for improved application design or coding
  • Work with the developers throughout the software engineering lifecycle to ensure compliance with secure software development best practices
  • Drive adoption of GWAM segment code scanning capabilities and of the DevSecOps pipeline
  • Develop and deliver cybersecurity analytics that will allow for data-driven decisions
  • Deliver regular reporting on initiatives, program progress and key areas of risk
  • Develop or acquire targeted training for development teams in secure coding and other security practices
  • Identify, propose and acquire toolsets to assist with the security assessment process in an Agile and DevOps environment

Qualifications:

  • Minimum of 3-5 years of software development experience and 3+ years of work experience in application security
  • Development and/or security-related experience with web applications, web services, and mobile applications including:
    • at least 1 of the following core languages: Java, C, C++, .NET, or C#
    • and 2 of the following languages: HTML, JavaScript, PHP, Perl, SQL, Ruby, or COBOL
  • Experience working on or closely with development teams in the Software Development Life Cycle (SDLC) using DevOps, Agile and/or waterfall methodologies
  • Ability to understand and interpret vulnerabilities and communicate business impact and remediation actions to management
  • Ability to rapidly learn new technologies and business functions
  • Excellent analytical, presentation, and communication (oral and written) skills to work with technical and non-technical audiences
  • Results-oriented, high energy, self-motivated
  • Excellent leadership, teamwork, and client service skills
  • Security-related certifications, such as CISSP, CSSLP, or SANS GIAC, a plus