Randstad - New York, NY

posted 16 days ago

Full-time - Mid Level
Remote - New York, NY
Administrative and Support Services

About the position

The Application Security Engineer role is a contract-to-hire position within a growing start-up in the healthcare sector. This fully remote opportunity involves joining a dynamic security team to enhance application security practices, conduct vulnerability assessments, and collaborate with development teams to ensure secure coding practices are followed throughout the software development lifecycle (SDLC).

Responsibilities

  • Perform security assessments of web-based applications to identify vulnerabilities such as SQL injection, XSS, and CSRF.
  • Conduct secure code reviews and collaborate with developers to remediate security flaws.
  • Utilize security tools like SAST, DAST, SCA, and open-source tools to identify security issues.
  • Review and recommend enhancements for the SDLC process, providing structure for design phase reviews.
  • Create threat models for new features and applications to identify security risks during the design phase.
  • Work closely with development teams, DevOps, and other stakeholders to embed security into the SDLC.
  • Assist in delivering security awareness training and workshops to development teams.
  • Maintain and contribute to security documentation, including policies, procedures, and guidelines.
  • Ensure applications comply with security standards and regulations, such as HIPAA.

Requirements

  • Proficient in languages and technologies such as React, Python, and PostgreSQL.
  • Proven experience in application security, including vulnerability assessments, design reviews, and threat modeling.
  • Strong understanding of web application architectures and common application security vulnerabilities.
  • Knowledge of application security frameworks, such as OWASP Top 10.
  • Familiarity with AWS or other cloud service providers.
  • Experience with modern container technologies and container security best practices.
  • Relevant certifications such as CISSP, CEH, or CSSLP are a plus.

Benefits

  • Health insurance
  • Incentive and recognition program
  • 401K contribution