Application Security Engineer
Application Security Engineer
Posted on :
04-01-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Overview:
TekWissen is a global workforce management provider headquartered in Ann Arbor Michigan that offers strategic talent solutions to our clients worldwide. Our client is an American multinational information technology services and consulting company and is a leading provider of information technology consulting and business process outsourcing services dedicated helping the worlds leading companies build stronger businesses.
Job Title: Application Security Engineer
Work Location: Norfolk VA
Job Type: Contract
Work Type: Remote
Duration: 6 Months
Job Summary:
- The contracted Application Security Engineer will be responsible for designing and implementing security solutions for specific applications and systems.
- This role demands close collaboration with software developers to ensure applications are secure and compliant with relevant security standards.
Responsibilities:
- Secure Configuration Management: Employ secure configuration management processes.
- Consistency with Cybersecurity Guidelines: Ensure that acquired or developed system(s) and architecture(s) are consistent with the organizations cybersecurity architecture guidelines.
- Business Function Prioritization: Identify and prioritize critical business functions in collaboration with organizational stakeholders.
- Security Reviews and Risk Management: Perform security reviews identify gaps in security architecture and develop a security risk management plan.
- Impact Analysis: Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
- Security Evaluation: Evaluate security architectures and designs to determine the adequacy of security design and architecture.
- Security Control Documentation: Determine the protection needs (i.e. security controls) for the information system(s) and network(s) and document appropriately.
- Define Security Patterns: Create security patterns providing frameworks or templates for addressing recurring cybersecurity issues.
- Collaboration with Developers and Operations: Work closely with both developers and operations teams to ensure the deployment of secure solutions.
- Stay Updated with Security Trends: Remain current with new security vulnerabilities threats and industry developments to ensure that security solutions and protocols are uptodate.
- Training and Development: Train other team members and developers on current security practices and potential threats.
- Infrastructure Security Design: Collaborate with the infrastructure architect to design a secure environment.
- Okta Integration: Assess and ensure the secure integration and configuration of Okta for identity and access management within the organizations applications.
- Illumio Segmentation: Analyze and define security boundaries using Illumio for network segmentation to protect sensitive data and reduce attack surfaces.
- Code Review: Conduct thorough reviews of application code to identify and remediate security vulnerabilities ensuring the codebase adheres to best security practices.
- Incorporate Security Patterns: Ensure that established security patterns and protocols are effectively incorporated into the application development process to maintain robust security standards.
- Secure Coding Practices: Implement best practices for secure coding and advise development teams on mitigating security issues in their code.
Skillset Required:
- An exceptional Application Security Engineer candidate should possess the following skills:
- Proficiency in several programming languages (Java C Python .net etc.)
- Understanding of Secure Software Development Life Cycle (SDLC)
- Deep knowledge of security architectures protocols and standards
- Skill in risk identification and application threat modeling
- Experience using security tools for code reviews and application vulnerability scanning
- Proficiency in encryption methods and standards
- Ability to design test and implement secure applications
- Broad knowledge of system infrastructure software and hardware
- Relevant certifications like CISSP CSSLP or CISM
- Excellent communication skills to simplify complex security concepts
- Experience integrating systems with APIs and interacting with SaaS solutions
- Experience with Cloud services from AWS Azure Google
- Experience with SSO integrations and modern authentication methods
- Knowledge of data security methods tokenization encryption and secure communications
Top Qualifications:
- SAST DAST OSS
- Secure Coding OWASP TOP 10
- Tools like Checkmarx Fortify Coverity Gitlab etc
Experience:
- 8 to 10 years
Required Skills:
- OWASPZAP
- Sec Practices OWASP Top 10
- HCL Appscan
TekWissen Group is an equal opportunity employer supporting workforce diversity.
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
