| Application Security Engineer---1-2 times per Quarter---Remote at Remote, Remote, USA |
| Email: [email protected] |
|
Application Security Engineer Only USC H4EAD Only Local to NYC and NJ or near by Remote Be able to work onsite in NYC 1-2 times per quarter. RESPONSIBILITIES: Proactively identify and resolve security risks, issues and incidents. Evaluate and assess information risk, as well as remediation of identified vulnerabilities with the ecosystem. Report on findings and recommendations for corrective action. Perform assigned vulnerability assessments utilizing enterprise security tools and methodologies. Perform assessments of IT security/risk posture within the IT network, systems and software applications. Drive security mitigation efforts through identification of opportunities to reduce risk and document remediation options regarding risk scenarios. Facilitate and monitor performance of risk remediation tasks. Design security solutions to address security vulnerabilities and weaknesses Continuously update the monitoring environment and tools in order to provide the correct level of insight into the environment Technical point of contact for product teams as it relates to automation, CI/CD, and Product Application Security Operations. Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team. REQUIRED EXPERIENCE: 7+ years of experience in application security roles with increasing responsibility. 5+ years or experience in an enterprise technology environment, with responsibilities across a operations, networking, systems and infrastructure architecture, or other as applicable technical areas. 3+ years of experience in a Security Operations Center or Continuous Monitoring role 3+ years of experience in Web Application Security, SSDLC and Threat Modelling. Prior hands on experience with Software Development Java / C# / C++. Experience with a variety of Continuous Monitoring, and vulnerability scanning tools Must have hands on infrastructure security skills including IDS/IPS, firewall, SIEM, server and OS hardening, malware detection, physical security, transport and at-rest encryption on file systems, DB, and other data persistence mechanisms. Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning Prior experience implementing SOX, PCI, ISO, NIST 800-53, NIST CSF, SonarQube, Snyk, Qualys, Wiz. DEEP understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies. Excellent written and verbal communication skills including the ability to effectively communicate security- and risk-related concepts to technical and nontechnical audiences and strong interpersonal and collaborative skills Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams Strong preference for ISC2, SANS, ISACA, or other recognized security professional credentialing organizations. Bachelor's degree in information systems, engineering or equivalent work experience, preferably Information System management / Computer Science / Information Security or a related technical discipline. MUST live in NYC area and able to work onsite in NYC 1-2 times per quarter. Kind Regards, Syeda Hajra | Absolute IT | Senior Technical Recruiter 116 Village Blvd Suite 200 Princeton New Jersey 08540 Absolute IT | [email protected] https://www.linkedin.com/in/syeda-hajra-a96813245/ www.absoluting.com | -- Keywords: cplusplus csharp continuous integration continuous deployment database information technology New Jersey Application Security Engineer---1-2 times per Quarter---Remote [email protected] |
| [email protected] View All |
| 12:42 AM 14-Feb-25 |