Sr. Application Security Engineer
Employment Type: Full-Time
Industry: Information Technology
Local would be preferred. Essential Job Responsibilities 1. Provide both hands-on and high-level guidance for defensive coding practices based on mitigation of OWASP Top 10, SANS 25 software design flaws 2. Interpret static and dynamic code activities for both internal and external web applications 3. Work with the internal Applications Development function to drive the development of strategies, remediations and solutions for improving both architecture and application security 6. Cybersecurity Team to deliver solutions for the Output Solutions business, consistent with the enterprise Information Security strategy 7. Perform risk assessments and security architecture reviews across a variety of technology platforms and applications 8. Leverage experience to provide security guidance in strategic projects to improve the business unit's security, risk and compliance posture 9. Proactively identify security risks, recommend remediation and mitigation techniques, clearly articulate the issues to impacted teams, provide code samples where applicable and work with them to resolve 10. Prepare, review and deliver concise, well-written security architecture and coding recommendations and communications 11. Facilitate and support the selection, design, implementation, and tuning of security tools Basic Qualifications for Consideration 1. Five or more years of direct application design and development experience focused on application security 2. Technical proficiency in two or more of the following areas a. Application Design and Development b. Application Security (including OWASP concepts and application architecture and controls) c. Computer Operations (including capacity, performance, and problem management) d. Database Administration Security e. Information Security Data Privacy f. Network Infrastructure Architecture and Security (including network segmentation concepts, firewalls, routers, VPN solutions etc.) g. Systems Development (including SDLC, project management and change control methodologies) 3. Demonstrated ability to take ownership and follow up on issues 4. Demonstrated ability to work in a team and to work well under pressure 5. Advanced analytical and problem solving skills 6. Consistently demonstrates clear and concise written and verbal communication 7. Proficient in interpreting and applying policies, standards and procedures Preferred Skills, Experience, and Education 1. ALM process and tooling including CICD automation and Agile SDLC methodologies 2. Bachelor's or advanced degree in Information TechnologyComputer ScienceManagement Information Systems 4. Experience with security protocols and technologies (firewalls, IDSIPS, DLP, SIEM, VPN, etc.) 5. Experience managing and implementing enterprise security tools (Fortify, Splunk, Imperva, Nessus, Qualys, etc.) 6. Experience conducting security technologyarchitecture reviews, risk assessments, and application penetration testing 7. Information security operations experience, including implementation of processes in line with best practices 8. Financial services experience, including working with auditors and assessors in highly regulated environments Travel required The selected candidate must be willing to travel up to 20 domestic, internationally as necessary Thanks Warm Regards Shweta Primus Software Corporation M 678 666 4382 Shwetaprimussoft.com www.primussoft.com httpwww.primussoft.com
Loading some great jobs for you...