Posted on Sep 27, 2019 by Request Technology - Alissa Dean
Prestigious Fortune 500 Company is seeking an Application Security Engineer to ensure secure design, testing, visibility, and reporting of applications either in place currently, or in development.
You will work extensively with architects and developers to ensure solutions are not only secure by design, but also throughout execution and evolution. As the Application Security Engineer you will be involved in full systems life cycle and seek to ensure solutions remain secure ongoing, whether via code scan techniques, PEN testing, or other means as available.
Application Security Engineers are expected to not only identify code vulnerabilities, but the root cause behind such matters. Ongoing analysis of coding practices in each product team, trending issues, new exploits, new threats, or evolving underlying platforms are all in scope and need to be factored in to the holistic security posture of the application environment.
Application Security Engineers need to be aware of emerging industry trends along with standard sources of Intel and guidance. Overall, this role serves as a key contributor to our Application Security space by identifying means of quantifying and qualifying our overall application security posture. As a security SME, this role can also be called upon to help investigate root cause in the event of an application security event.
Prior exposure and experience in Agile, DevOps, DevSecOps, CI/CD Pipeline, automation and Digital Transformation are highly desirable as they are essential to our growing and evolving development environment.
Experience or background in any of the following are also of great value: NIST, ISO27001, Data Protection, Java Development, AppSec, Static Code Analysis, Dynamic Code Analysis, PEN Testing, AWS, Containers, MicroServices, CI/CD Pipeline, Agile, Sprints/Scrum Masters, GitHub, Black Duck, WhiteHat, Veracode, Jira, Docker, cloud security and design, process maturity, and other related focuses.