This Job Vacancy has Expired!

Lead Application Security Engineer

Posted on Dec 12, 2018 by Request Technology - Craig Johnson

Austin, TX 73301
Information Technology
Immediate Start
Annual Salary
Full-Time

Prestigious Fortune 500 Company is currently seeking a Lead Application Security Engineer. Candidate will be part of a Global Information Security team, you will support applications across the globe. An emphasis will be placed on products that help customers monitor critical changes.

Qualifications:

  • Strong experience in application development (Java EE, Python, web APIs, C++/C#, .Net, and/or Linux Scripting)
  • Strong experience with Application Security and Application Penetration Testing
  • Strong understanding of a variety of application development architectures, platforms, methodologies, and supporting operating systems
  • Strong understanding of web hosting platforms and web services (AWS preferred).
  • Working knowledge of remediation methods (OWASP Top 10 at a minimum)
  • Understanding of enterprise computing environments, distributed applications, and container technology (Docker preferred)
  • Exceptional interpersonal and communication skills
  • Familiarity or experience with CI/CD
  • Any of the following certifications are desired: GWAPT, GWEB, OSCP, CISSP, CSSLP, or similar advanced security certification

Responsibilities:

  • Conduct tests to evaluate and demonstrate the impact of software misconfiguration and vulnerabilities on in-house applications
  • Model attacker behavior and help teams evaluate their resilience to known attack methodologies
  • Provide expert level security consultation to project teams, application owners, and general technology teams on relevant security controls and Secure-SDLC process requirements
  • Build & Monitor systems that ensure application security policies, coding standards and required security controls are being followed and appropriately mitigating threats
  • Assist with required security education initiatives and foster a security-conscious culture within AppDev teams
  • Develop, Enhance, and Participate, as needed, in security portion of Secure-SDLC
  • Analyze and provide remediation guidance for identified vulnerabilities; validate and verify remediation implementation
  • Participate and lead Information Security projects to expand AppSec capabilities
  • App Security/Pen testing background Application development that progressed to a Security role will be considered, and Cloud and container experience is essential.

Reference: 598106484