Senior Application Security Engineer

Role: Senior Application Security Engineer

All submissions MUST HAVE a summary written by candidate referencing their experience

Client: Distribution/Wholesale (will reveal client when talk with candidate)

Duration: 612 months

Rate: $60 CC

Schedule: must INTERVIEW onsite must work onsite 4 days a week if hired

Mode: one interview

DO NOT POST THIS CLIENTS JOB DESCRIPTION ON JOB BOARDS.

DO NOT SHARE THIS CLIENTS JD WITH SISTER COMPANIES

Description:

Comments:

DevSecOps call with Client (Update)
Moving this to REQ to a contract to hire. 4 days in office will move to 3 days in the office in about 6 months will go to 3 days/week after everyone is up to speed.
DevOps and software engineer but can understand the code. Its going to be more DevOps. Not taking over the DevOps just implementing the security into it.
Could be on the DevOps team now and in charge of security depending on how the company is set up.
Would be in charge of all the Application security.

REQUIREMENTS/RESPONSIBILITIES
Senior Application Security Engineer to join our dynamic and innovative team. As a Senior Application Security Engineer you will play a critical role in ensuring the security and integrity of our applications systems and data. You will be responsible for identifying and mitigating security risks conducting thorough security assessments and providing expert guidance to our development and operations teams. If you are passionate about application security possess deep technical expertise and have a proven track record of implementing effective security measures we want to hear from you.

Key Responsibilities:
Security Assessments:

• • Conduct thorough security assessments of applications identifying vulnerabilities and providing detailed remediation guidance.
  • Perform code reviews and collaborate with development teams to integrate security best practices into the software development lifecycle.

Threat Modeling:

• • Develop and maintain threat models for applications identifying potential security threats and vulnerabilities.
  • Work closely with development teams to address security concerns during the design phase of projects.

Security Architecture:

• • Design implement and maintain secure architecture solutions for applications and systems.
  • Stay current with industry trends and emerging technologies to proactively address potential security challenges.

Incident Response:

• • Serve as a subject matter expert in incident response providing support in the event of a security incident or breach.
  • Collaborate with crossfunctional teams to investigate and remediate security incidents.

Security Training and Awareness:

• • Develop and deliver security training programs for development and operations teams.
  • Foster a culture of security awareness and best practices throughout the organization.

Tools and Automation:

• • Evaluate implement and manage security tools and automation processes to enhance the efficiency and the effectiveness of security initiatives.

Qualifications:

• • Need a minimum of four (4) years of experience in application security projects.
  • Need a minimum of three (3) years in software development principles and practices.
  • Need a minimum of three (3) years in enterprise class frameworks and programming
  • Candidate should have four (4) years in penetration testing code reviews (SAST / DAST / MAST) secure coding practices.
  • Familiarity with industry standards and frameworks (OWASP NIST etc.).
  • Excellent communication skills with the ability to convey complex security concepts to technical and nontechnical stakeholders.
  • Candidate should have exposure to OWASP and knowledge of issues with insecure coding practices