Remote Application Security Engineer
Posted
This job is closed
This job post is closed and the position is probably filled. Please do not apply. Automatically closed by a robot after apply link was detected as broken.
Description:
- As an Application Security Engineer, you will be an integral part of our technology team, focusing on enhancing the security posture of our software development lifecycle (SDLC).
- Your role will be crucial in conducting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and specializing in Blackduck testing to support our engineering and DEVOPS teams.
- You will design and develop application security controls focusing on authentication, authorization, access control, secrets management, logging, and monitoring based on enterprise cyber capabilities such as OKTA, CyberArk, SailPoint, and Splunk.
- You will perform implementation and operations of SAST (Klocwork, Coverity, Fortify SCA, Clang) and DAST (WebInspect, Invicti, Checkmarx, BurpSuite) to identify and mitigate security vulnerabilities.
- You will conduct thorough security assessments and validations to ensure the effectiveness of implemented controls.
- You will serve as the go-to person for facilitating the implementation of application security controls in all in-house developed applications, SaaS solutions, and vendor-developed/hosted applications.
- You will work closely with cross-functional teams to remediate identified vulnerabilities and enhance overall application security posture.
- You will stay abreast of the latest industry trends, emerging threats, and advancements in application security.
- You will ensure compliance with industry standards, guidelines, and best practices such as OWASP (Open Web Application Security Project) and SANS.
- You will conduct regular assessments and audits to verify adherence to OWASP standards and address any identified gaps.
- You will collaborate with incident response teams to investigate and mitigate security events related to application security.
- You will foster strong partnerships with development teams, IT operations, and other relevant stakeholders to promote a culture of security awareness and collaboration.
- You will communicate complex security concepts effectively to both technical and non-technical audiences.
Requirements:
- Proven experience in application security with a focus on authentication, authorization, access control, secrets management, logging, and monitoring is required.
- Industry-standard certifications such as CISSP, CSSLP, Certified Ethical Hacker (CEH), or equivalent are necessary.
- Security vendor certifications such as Checkmarx, Coverity, Klocwork, BurpSuite, WebInspect, and Fortify SCA are preferred.
- An in-depth understanding of OWASP guidelines and best practices is essential.
- Strong programming/scripting skills in Python and PowerShell, along with familiarity with modern development frameworks, are required.
- Excellent communication and interpersonal skills are necessary for this role.
Benefits:
- Join a multibillion-dollar global company that fosters a diverse, equitable, and inclusive culture.
- Be part of a team that encourages individual uniqueness and empowers employees to deliver excellence.
- Opportunity to work in a company that is leading the world in innovating new Memory technologies.
- Engage in a workplace that values customer inspiration, trust, innovation, collaboration, and flexibility.
- Contribute to the development of cutting-edge products that provide strong business value for customers and a greater impact on the world.
About the job
Posted on
Job type
Salary
Location requirements
Position
Experience level
Technology stack
