Remote Application Security Engineer (The Code Defender)

Description:

• The Application Security Engineer (aka The Code Defender) will collaborate with development teams to integrate security into every phase of the software development lifecycle, ensuring security best practices are followed from initial design to deployment.
• Responsibilities include conducting thorough security code reviews and vulnerability assessments to identify weaknesses in applications, performing penetration testing on web, mobile, and cloud-based applications, implementing security tools that integrate into the CI/CD pipeline, providing guidance and training on secure coding practices, conducting threat modeling exercises, and assisting in incident response and remediation.
• The role focuses on embedding security into the software development lifecycle and enabling teams to develop robust, secure applications.

Requirements:

• Application Security Expertise: Strong understanding of application security principles, including secure coding, cryptography, access control, and authentication. Familiarity with common vulnerabilities like SQL injection, XSS, CSRF, and SSRF.
• Penetration Testing and Code Auditing: Hands-on experience with tools like Burp Suite, OWASP ZAP for security testing.
• Development Background: Solid experience in at least one programming language, deep understanding of web technologies like HTML, CSS, and APIs.
• DevSecOps Integration: Experience in DevOps or CI/CD environment, familiar with tools like Jenkins, GitLab CI for continuous integration and testing.
• Communication Skills: Ability to explain complex security issues to technical and non-technical teams.
• Problem-Solving and Analytical Thinking: Strong problem-solving skills, ability to prioritize risks and find innovative solutions.
• Humor: A great sense of humor to foster a productive work environment.

Benefits:

• Comprehensive medical, dental, and vision insurance plans.
• Competitive vacation, sick leave, and 20 paid holidays per year.
• Flexible work schedules and telecommuting options.
• Opportunities for training, certification reimbursement, and career advancement.
• Access to wellness programs, gym memberships, health screenings, and mental health resources.
• Life insurance and short-term/long-term disability coverage.
• Employee Assistance Program (EAP) for counseling and support services.
• Tuition reimbursement for continuing education.
• Community engagement and volunteer activities.
• Employee recognition programs to celebrate achievements.