Application Security Engineer (Remote)

Sherlock Tech Staffing - Boca Raton, FL

posted about 1 month ago

Full-time - Mid Level
Remote - Boca Raton, FL

About the position

Our client is looking for a remote Security Engineer who will play a key role as part of the Infosec team. The successful candidate will have a strong background in security best practices and their integration into workflows. This position involves designing and implementing a modern security reference architecture and working closely with development and engineering resources to build foundationally secure applications. The role requires a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure. The Security Engineer will also provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services. The responsibilities include developing and maintaining internal application security tooling, automating security testing and vulnerability management procedures, and assisting in the integration of security into the build and deployment process. The engineer will perform vulnerability research, assessment, and management, serving as a technical security/risk advisor on all new technologies used or developed, such as AWS, session management, SSO, databases, WAF, and open-source libraries. Additionally, the engineer will support the engineering team by suggesting remediation strategies for reported vulnerabilities and assist developers in remediating vulnerabilities by providing line-by-line guidance. Training and education on software security best practices in various cloud-based systems will also be part of the role.

Responsibilities

  • Develop and maintain internal application security tooling.
  • Automate security testing and vulnerability management procedures where reasonable.
  • Assist integration of security into the build/deployment process.
  • Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure.
  • Provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services.
  • Perform vulnerability research, assessment, and management, serving as a technical security/risk advisor on all new technologies used/developed such as AWS, session management, SSO, Database, WAF, and open-source libraries.
  • Support the engineering team by suggesting remediation strategies for reported vulnerabilities.
  • Assist developers in remediating vulnerabilities by providing line-by-line guidance.
  • Provide training and education to developers on software security best practices in various cloud-based systems.
  • Utilize dynamic application vulnerability scanning.
  • Utilize static application vulnerability scanning.

Requirements

  • Bachelor's Degree in InfoSec, Computer Science, or a related discipline.
  • Experience with full-stack web development.
  • Working knowledge of SQL.
  • Complete, deliver and maintain compliance documentation for internal and external users.
  • Experience developing and working with Web APIs.
  • Experience interpreting results from Static Code Scanning tools.
  • Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, OKTA, and other SSO technologies.
  • Experience with creating and maintaining Threat Models at scale.
  • Experience with securing database platforms.
  • Experience in remediating security vulnerabilities beyond OWASP Top 10.
  • Experience in performing security assessments on cloud-based multi-tenant Software-as-a-Service (SaaS) applications.
  • Experience in assessing the security of native and hybrid mobile applications beyond the use of automated tools.
  • Functional knowledge of AWS application infrastructure.

Nice-to-haves

  • Experience developing in PHP/Larvel Framework.
  • Experience with RDS.
  • Experience in at least one scripting language (Python/Ruby/Perl).
  • Experience working with SaaS applications preferably in the EdTech or AI/ML Space.

Benefits

  • An amazing team of friendly and inclusive people who pull together and openly help each other.
  • Passionate team members who have fun, work productively and take pride in everything we do.
  • We're curious to explore new ideas, find innovative solutions and we're not afraid to learn as we grow.
  • We work remotely.
  • We recharge with unlimited PTO.
  • Our focus is on team member health and well-being - we have a Health Day once a month.
  • We offer a comprehensive healthcare program.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service