Insight Global is seeking an Application Security Engineer for a 6-month contract to hire. The role involves designing, implementing, and enforcing complex security policies to protect systems and data from security risks. The engineer will work on a large retail client's eCommerce platform and applications.
Job Description
Duration: 6 month contract to hire
Location: fully remote - MUST SIT in PA, WV, VA, OH, NC, MD, or MI
Pay Rate: $35-45/hr
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
Must Haves:
- Bachelor’s Degree in Computer Science, Cyber Security, or similar field or equivalent experience
- 2-3 years of Application Security related experience
- GitLab or GitHub experience
- SAST and SCA experience
- Automated DAST Tooling experience
- Secrets detection experience
Plusses:
- Experience with risk analysis; vulnerability assessments
- OpenShift experience
Day to Day:
Insight Global is seeking an Application Security Engineer to sit remotely for a large retail client headquartered in the greater Pittsburgh area! Our client recently kicked off a major project to build their own home-grown eCommerce platform and applications that will be used internally and then deployed out into their 600+ retail locations. In this role, the Application Security Engineer will be a member of the RISC team and will focus on Application Security and Penetration Testing; they will design, implement, and enforce complex security policies that protect systems and data from security risks. Tasks may include leading the security testing, analyzing compliance security requirements, and performing standard testing as the development cycle continues with the project.
Additional responsibilities will include:
- Collaborate with RISC management in the planning and design of enterprise security architecture while serving as the lead security tester.
- Focus on design through implementation across the whole development stack, working with specialized hardware, containers, embedded services, databases, and web apps.
- Collaborate with RISC management in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).
- Maintain up-to-date advanced knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Lead the design and execution of vulnerability assessments, penetration tests, and security audits.
- Recommend additional security solutions, or enhancements to existing security solutions, to improve overall enterprise security, and report out-of-compliance conditions.
- Lead the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry and company standards.
- Research and write security, risk, and compliance reports indicating the existence of, and effectiveness of, information technology related controls.
- Provide guidance, interpretation, and education on specific security policies related to projects and applications, and new technologies & methodologies as business needs evolve.