Application Security Engineer

Peer Consulting Resources Inc.

Job Location:

Brooklyn, NY - USA

Monthly Salary: Not Disclosed

Posted on: 7 hours ago

Vacancies: 1 Vacancy

Job Summary

Contact Details:

Vimala
Email:
Cell:

Mamidala
Email:
Cell:

Job Title: Application Security Engineer
Location: 9 MetroTech Brooklyn NY 11201 (The position will be 3-day onsite hybrid)

Duration: 12 months

Years of Experience: 10 Years
Required Hours/Week: 35Hours/Week

Note:

local candidates only.

Job Overview:

The Application Security Engineer is embedded within the Application Development team and ensures security is integrated into all stages of software development. The role focuses on designing and building secure applications while working closely with application administrators who manage security tools and CI/CD pipelines.
This position is responsible for enabling developers to produce secure resilient and compliant software for web mobile API GIS and cloud-based systems supporting Fire EMS and administrative operations.

Responsibilities:
1. Secure Software Development

Establish and apply secure coding practices within the development team.
Define and enforce secure coding standards for Python and JavaScript applications.
Conduct secure design and architecture reviews for new and legacy systems.
Educate developers on secure coding practices authentication/authorization best practices and common application vulnerabilities.

Apply protections aligned with:
o OWASP Top 10
o OWASP API Security Top 10

2. Application & API Security

Design and implement secure REST APIs and web services.

Implement secure authentication/authorization using:

o SAML2
o OIDC
o OAuth2

Secure Java and JavaScript applications including:

o Spring Boot
o React

Ensure secure handling of tokens sessions and secrets.
Collaborate with App Admins and Security team to integrate applications into WAFs load balancers and other security monitoring tools.

Mandatory Qualifications:

Minimum 4 years in secure application development.
Prior hands-on software development experience.

Strong understanding:

o Web and mobile application architecture
o Internet protocols (HTTP HTTPS WebSockets)
o REST API security

Expertise in SAST DAST and SCA concepts (understanding results and remediation) in collaboration with App Admins.
Familiarity with security tools such as Veracode Burp Suite Zimperium Prisma Rapid7.
Experience applying NIST 800-53 and 800-171 controls at the application design level.
Strong analytical troubleshooting and problem-solving skills.
Ability to work independently within a development-focused team.

Preferred Qualifications:

Experience with containerized applications (Docker Kubernetes).

Knowledge:
o Core Java J2EE Spring Boot
o React AngularJS HTML5 CSS JavaScript

Experience designing secure GIS systems.
Familiarity with public safety or emergency response systems.

Contact Details: Vimala Email: Cell: Mamidala Email: Cell: Job Title: Application Security Engineer Location: 9 MetroTech Brooklyn NY 11201 (The position will be 3-day onsite hybrid) Duration: 12 months Years of Experience: 10 Years Required Hours/Week: 35Hours/Week ...