AI Summary
Join a dynamic team to enhance application security across various platforms and technologies. Implement and maintain security measures to protect applications from potential threats. Collaborate with IT and Development teams to ensure software product security.
Key Highlights
Implement and maintain security measures to protect applications from potential threats
Collaborate with IT and Development teams to ensure software product security
Conduct security risk assessments and perform security-focused code reviews
Technical Skills Required
Benefits & Perks
Remote work
Pay range: $55.00 - $60.00 Hourly
Job Description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, GDH, is seeking the following. Apply via Dice today!
Job Description:
Our client is seeking a seasoned Application Security Engineer to join a dynamic team focused on enhancing application security across a variety of platforms and technologies. This senior-level role involves implementing and maintaining security measures to protect applications from potential threats. The successful candidate will work remotely, collaborating closely with IT and Development teams to ensure the security of software products from design through deployment. This position is critical in safeguarding digital assets and requires a proactive approach to staying ahead of emerging security challenges.
Responsibilities:
- Act as a primary technical contact for software engineering teams regarding security automation, secure CI/CD, and secure cloud deployment.
- Configure and maintain Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and other security tools and processes.
- Oversee the configuration and ongoing management of Web Application Firewalls and API security measures.
- Coordinate both manual and automated penetration testing of applications, APIs, and network infrastructures.
- Assist in the triage, reproduction, and remediation of security vulnerabilities identified in software applications.
- Conduct security risk assessments for all proposed application changes and updates.
- Perform security-focused code reviews and recommend security enhancements.
- Document and communicate application vulnerabilities to both technical teams and leadership to ensure comprehensive understanding and mitigation strategies.
- Minimum of 4 years of experience in application development or application security roles, with hands-on expertise in secure coding practices.
- Proficient understanding of secure software development, system and network security, and authentication protocols.
- Familiarity with security frameworks such as NIST and PCI, and knowledge of OWASP guidelines.
- At least 2 years of experience with SaaS, IaaS, and PaaS models and their associated security tools including SAST/DAST.
- Experience securing applications deployed on cloud platforms, with GCP experience being a plus.
- Strong knowledge of application security technologies, threats, and techniques to exploit security vulnerabilities.
- Experience integrating security tools into CI/CD pipelines and code repositories.
- Proficiency in development and scripting languages such as Java, JavaScript, Python, and Terraform.
- Experience with Web Application Firewalls and securing APIs.
- Preferred certifications: CISSP, CASE, CASS, CSSLP, CEH or equivalent.
This is a fully remote role and can be performed from an approved location.