Application Security Engineer
Posted on Jan 16, 2021 by Nextech
The Application Security Engineer will assist in protecting the security of Nextechs applications. This position will be responsible for regular code reviews, working with the teams to prioritize and remediate findings, and being the subject matter expert around security engineering for the development teams.
All activities must be in compliance with Equal Employment Opportunity laws, HIPAA, ERISA and other regulations, as appropriate.
ESSENTIAL FUNCTIONS: In addition to working in accordance with appropriate conduct and behavioral standards, specific responsibilities of this role include:
* Maintain in-depth knowledge of Application Security tools and web architecture
* Prioritize issues in the context of the companys environment
* Resolve problems with an out-of-the box perspective without always defaulting to industry norms
* Perform and manage manual and automated vulnerability and penetration testing
* Lead efforts to implement and maintain security policies and remediation processes
* Balance security risk and product advancement within the parameters of the business
* Think like an attacker and use that context to develop threat modelsand new threat vectors
* Perform reactive incident response when a security event occurs
* Maintain knowledge of Application Security related vulnerabilities including cryptographic implementations and mitigation strategies
* Find flaws in software and efficiently communicate how to fix them
* Maintain detailed understanding of common web application deployment models and components
* Create and automate security controlsthrough scripting with languages like Python, PowerShell, bash, etc.
* Stay up to date with technical security controls, guidelines, and frameworks outlined by standards such as HIPAA, PCI, SOC2, ISO 27001/27013, NIST 800-53
* Carry out additional responsibilities as assigned based on business need
Set up alerts to get notified of new vacancies.