Application Security Developer

$115,000 - $115,000/Yr

Mio Partners - New York, NY

posted 4 days ago

Full-time - Mid Level
New York, NY

About the position

The Application Security Developer will be responsible for defining and implementing application security measures for MIO applications and infrastructure. The role focuses on enhancing the security posture of applications throughout the software development life cycle (SDLC) by collaborating with various stakeholders, including development teams and management. The ideal candidate will have a strong background in application security and software development, with a passion for operational excellence and customer orientation.

Responsibilities

  • Review application code and educate stakeholders on secure coding practices.
  • Liaise closely with vendors to follow MIO-defined security practices and data privacy policies.
  • Work collaboratively with IT to incorporate security best practices throughout the SDLC.
  • Own the metrics and report on the progress of the ShiftLeft initiative.
  • Update security policies and procedures and track adherence.
  • Research and identify application security vulnerabilities and recommend countermeasures.
  • Liaise with application development teams to design inherently secure applications.
  • Configure, operate, and automate application security testing processes, including SCA, SAST, DAST, and IAST.
  • Perform manual code reviews to uncover security vulnerabilities or design flaws.
  • Provide subject-matter expertise in application code and IaC security best practices.
  • Support and consult with development teams in application security, including application threat modeling and code reviews.
  • Advocate and champion ShiftLeft security initiatives and processes.
  • Contribute to raising security awareness among team members through instruction and hands-on training.

Requirements

  • Bachelor's degree in computer science or related field (or equivalent experience).
  • Two to five years of application security and software development experience.
  • Ability to build secure and reusable modules/libraries and identify and mitigate application code-related security findings.
  • Proficiency in one or more programming languages (Python, Java, C++).
  • Understanding of CWE 25 and OWASP Top 10 with experience implementing remediation strategies.
  • Familiarity with application security control frameworks and current usage in applications (e.g., authentication, cryptography and data protection, authorization, web application firewall).
  • Excellent understanding of application security testing automation, including SCA, SAST, DAST, and IAST.
  • Knowledge of web application technologies and layer seven protocols such as HTTP, FTP, and DHCP.
  • Experience in AWS technologies and exposure to Python development is a strong plus.
  • Experience working with code management tools such as GitHub/GitLab.
  • Strong communication skills with the ability to interact with stakeholders at various levels.
  • Strong ability to simplify complex AppSec topics to non-expert audiences.
  • Strong problem-solving and analytical skills.

Nice-to-haves

  • Experience in AWS technologies and exposure to Python development is a strong plus.

Benefits

  • Medical, dental and vision coverage.
  • Telemedicine services.
  • Life, accident and disability insurance.
  • Parental leave and family planning benefits.
  • Caregiving resources.
  • Generous retirement program.
  • Financial guidance.
  • Paid time off.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service