Application Security Engineer 2
Application Security Engineer 2
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Overview
Job Summary
The role of Senior Application (software) Security Engineer is a mid-level hands-on engineering focused position responsible for helping to foster a Secure SDLC and secure by design approach and practice throughout all our software engineering role holder must have a good combination of technical and communication will work across a wide portfolio of applications both legacy and new covering a variety of development stack software services APIs and systems. She or he will provide Software Engineering teams with in-depth and practical secure development expertise to engineering InfoSec Data IT and other teams. They will serve as subject matter experts for the creation of secure software design build and delivery standards policies and procedures and they will provide security advice to colleagues.
Responsibilities
Essential Functions/Responsibilities
- Ensure that the application estate is built deployed/delivered and operated securely according to industry standards as well as our own.
- Execute Application Security tests code reviews and architecture validations
- Provide expert software security advice (design coding testing etc) to the Software Engineering community to InfoSec DevOPS and other colleagues.
- Do research and regularly consult with colleagues
- Deliver secure software development training (e.g. OWASP Top10)
- Co-work with Security Analysts and other colleagues on software vulnerabilities and security issues: determine scope severity and potential impact recommend next steps follow through with risk treatment and mitigation.
- Escalate issues appropriately to various teams and levels of authority inside the organization.
- Act as the first Point of Contact (POC) for all application / software security issues vulnerabilities events anomalies incidents and investigations.
Qualifications
Minimum Qualifications
- Bachelors degree in a relevant business or technical discipline is required.
- 5 years of relevant work experience
- In-depth knowledge of application security concepts best practices and methods
- Demonstrated ability to code in at least one programming language (python javascript typescript go)
- Experience with various application security tools including SAST SCA DAST
- Experience with Web Application security testing like Web Pentesting Fuzzing Automated test
Even Better If You Have
- Experience securing cloud infrastructure and cloud applications.
- Working knowledge of web mobile API Microservices network and security architectures and design patterns.
- Working knowledge of AWS native security tools.
- Understanding of security by design principles and architecture level security concepts.
- Knowledge of current and emerging security technologies threats and techniques for exploiting security vulnerabilities.
- Experience with methodologies and tools for threat analysis of systems such as threat modeling and software fuzzing.
- Experience with developer tools and environments project management and bug tracking systems.
- Experience in implementing and integrating security tools into CI/CD.
EEO Commitment
EEO Commitment
PowerSchool is committed to a diverse and inclusive workplace. PowerSchool is an equal opportunity employer and does not discriminate on the basis of race national origin gender gender identity sexual orientation protected veteran status disability age or other legally protected status. Our inclusive culture empowers PowerSchoolers to deliver the best results for our customers. We not only celebrate the diversity of our workforce we celebrate the diverse ways we work. If you have a disability and need an accommodation regarding our recruiting process please let us know by emailing
Employment Type
Full-Time
