Application Security Engineer
Company: IT Connect LLC
Posted on: December 8, 2018
This position will be part of a smart and collaborative team working to identify, interpret, and help drive vulnerability remediation in enterprise applications.As an embedded Application Security Engineer, you will impact business technology strategy and implementation by driving application security from red and blue team perspectives.The successful applicant will be responsible for participating in the coordination and presentation of application vulnerability reviews to development, risk, audit, and business teams. This role will require the applicant be proficient in manual and automated application vulnerability testing and will support critical efforts within the environment to improve the application security profile of the organization. You must possess a passion for finding and fixing application vulnerabilities.Responsibilities will include (but will not be limited to):* Supporting the building, production and maintenance of metrics associated with the application security program* Establish, maintain and enforce secure development standards and requirements* Guiding development teams in best practices across all stages of the SDLC* Identify process deficiencies within the secure SDLC and develop solutions* Reviewing and coordinating changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model* Contribute to application security development projects and discussions as needed* Understand how to identify, exploit and re-mediate common application vulnerabilities through use of tools and code review* Using automated tools to perform source code security analysis to identify vulnerabilities and attack vectors in web applications (SAST & DAST)* Leveraging manual methods and processes to perform security analysis to identify vulnerabilities and attack vectors in web applications* Display leadership and the ability to drive, motivate and support people within the team to achieve the delivery of secure solutions Skills and Experience:* 1 or more years of applicable security or development experience* Experience with one or more common programming languages, frameworks, and libraries (VB, Java, .Net, Ruby, C++, Python, Struts, Spring, Groovy, JSON, Node.js, etc.)* Working knowledge of vulnerabilities associated with the OWASP Top 10 & SANS Top 25* Ability to write scripts in languages such as Python, BASH, or PowerShell for automation* Proven technical skills in information security or equivalent security domains* Familiarity with application security testing techniques such as fuzzing, penetration testing and code scanning, ideally with both static (SAST) and dynamic (DAST) tools for client-server, web, mobile, and cloud applications* Familiarity with common programming concepts* Knowledge of secure SDLC principles* Strong presentation & communication skills (written and oral)* Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats - provided by Dice Embedded Application Security Engineer
Keywords: IT Connect LLC, Altoona , Application Security Engineer, Engineering , Altoona, Pennsylvania
Didn't find what you're looking for? Search again!