Application Security Engineer
Posted on Jan 31, 2020 by Request Technology - Robyn Honquest
The Application Security Engineer is involved in full systems life cycle and responsible for ensuring secure design, testing, visibility, and reporting of applications either in place currently, or in development. The Application Security Engineer works extensively with both Architects and Developers to ensure solutions are not only secure by design, but also throughout execution and evolution. Application Security Engineers seek to ensure solutions remain secure ongoing, whether via code scan techniques, PEN testing, or other means as available.
Application Security Engineers are expected to not only identify code vulnerabilities, but the root cause behind such matters. Ongoing analysis of coding practices in each product team, trending issues, new exploits, new threats, or evolving underlying platforms are all in scope and need to be factored in to the holistic security posture of the application environment.
As a security SME, this role can also be called upon to help investigate root cause in the event of an application security event.
Prior exposure and experience in Agile, DevOps, DevSecOps, CI/CD Pipeline, automation and Digital Transformation are highly desirable as they are essential to our growing and evolving development environment.
- Excellent communications, both written and verbal are essential to the success of the role.
- Experience or background in any of the following are also of great value: NIST, ISO27001, Data Protection, Java Development, AppSec, Static Code Analysis, Dynamic Code Analysis, PEN Testing, AWS, Containers, MicroServices, CI/CD Pipeline, Agile, Sprints/Scrum Masters, GitHub, Black Duck, WhiteHat, Veracode, Jira, Docker, cloud security and design, process maturity, and other related focuses.
- DevOps, Agile Experience
- PEN Testing
Set up alerts to get notified of new vacancies.