Application Security Engineer

$60,000 - $103,000/Yr

State Of Texas - Austin, TX

posted 10 days ago

Full-time
Onsite - Austin, TX
Executive, Legislative, and Other General Government Support

About the position

The Application Security Engineer at the Teacher Retirement System is responsible for ensuring the security of applications by implementing and managing security measures. This role involves collaboration with various teams to identify and mitigate security risks, develop security protocols, and provide training to development staff. The position is hybrid, requiring two days of onsite work per week in Austin, TX.

Responsibilities

  • Work with application development teams to develop and implement secure coding practices, including coding standards, code reviews, and security-focused testing.
  • Develop and execute a process for regular application security assessments, including code reviews, threat modeling, and design reviews.
  • Develop and maintain a library of secure coding resources for application developers.
  • Develop and implement application security policies and procedures that align with industry standards and best practices.
  • Provide regular reports to the Information Security Leadership on the status of application security assessments.
  • Work with application development teams to prioritize and remediate identified vulnerabilities.
  • Provide training and support to application developers on secure coding practices.
  • Monitor and enforce compliance with application security policies, procedures, and tooling.
  • Collaborate with the IT department, Information Security team, and application development teams to design and implement security controls and measures, including access controls, encryption, and network segmentation.
  • Perform related work as assigned.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, or a closely related field.
  • Four years of full-time related experience in cybersecurity, information security, systems analysis, programming, or IT business analysis.
  • One year of experience developing and training employees on security/privacy policies and data handling practices.
  • One year of experience conducting IT audits and needs analysis to improve business process solutions.

Nice-to-haves

  • Experience with risk management frameworks related to the National Institute of Standards and Technology.
  • Experience with security monitoring tools and network/web assessment tools.
  • Basic development or scripting experience in .Net, Python, or Java.
  • Experience with identifying security issues through code review.
  • GIAC 500 series or higher certifications, OSCP, or other security-related certifications.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service