Application Security Engineer prior Java or C-LOCAL REMOTE FOR NYC area
Application Security Engineer prior Java or C-LOCAL REMOTE FOR NYC area
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
LOCAL REMOTE role. MUST live in NYC area and able to work onsite in NYC 12 times per quarter.
Our software client based in the NYC area has an immediate need for an Application Security Engineer to join their security team to proactively identify and resolve security risks issues and incidents. The successful engineer with proactively assesses information risk and facilitate remediation of identified vulnerabilities within the clients network systems and applications.
LOCAL REMOTE role. MUST live in NYC area and able to work onsite in NYC 12 times per quarter.
RESPONSIBILITIES:
- Proactively identify and resolve security risks issues and incidents.
- Evaluate and assess information risk as well as remediation of identified vulnerabilities with the ecosystem.
- Report on findings and recommendations for corrective action.
- Perform assigned vulnerability assessments utilizing enterprise security tools and methodologies.
- Perform assessments of IT security/risk posture within the IT network systems and software applications.
- Drive security mitigation efforts through identification of opportunities to reduce risk and document remediation options regarding risk scenarios.
- Facilitate and monitor performance of risk remediation tasks.
- Design security solutions to address security vulnerabilities and weaknesses
- Continuously update the monitoring environment and tools in order to provide the correct level of insight into the environment
- Technical point of contact for product teams as it relates to automation CI/CD and Product Application Security Operations.
- Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team.
REQUIRED EXPERIENCE:
- 7 years of experience in application security roles with increasing responsibility.
- 5 years or experience in an enterprise technology environment with responsibilities across a operations networking systems and infrastructure architecture or other as applicable technical areas.
- 3 years of experience in a Security Operations Center or Continuous Monitoring role
- 3 years of experience in Web Application Security SSDLC and Threat Modelling.
- Prior hands on experience with Software Development Java / C# / C.
- Experience with a variety of Continuous Monitoring and vulnerability scanning tools
- Must have hands on infrastructure security skills including IDS/IPS firewall SIEM server and OS hardening malware detection physical security transport and atrest encryption on file systems DB and other data persistence mechanisms.
- Experience in managing application security testing tools like SAST DAST and Open Source Vulnerability Scanning
- Prior experience implementing SOX PCI ISO NIST 80053 NIST CSF
- SonarQube Snyk Qualys Wiz.
- DEEP understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies.
- Excellent written and verbal communication skills including the ability to effectively communicate security and riskrelated concepts to technical and nontechnical audiences and strong interpersonal and collaborative skills
- Selfmotivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
- Strong preference for ISC2 SANS ISACA or other recognized security professional credentialing organizations.
- Bachelors degree in information systems engineering or equivalent work experience preferably Information System management / Computer Science / Information Security or a related technical discipline.
- MUST live in NYC area and able to work onsite in NYC 12 times per quarte
Employment Type
Full Time
