Application Security Engineer

Global Payments - Atlanta, GA

posted 14 days ago

Full-time - Mid Level
Remote - Atlanta, GA
Credit Intermediation and Related Activities

About the position

The Application Security Engineer is responsible for designing and implementing secure applications that meet business functionality and performance needs. This role requires a deep understanding of security architecture and collaboration with various IT areas to mitigate threats and vulnerabilities. The engineer will apply their expertise in application development, security controls, and vulnerability management to ensure robust security practices throughout the software development lifecycle.

Responsibilities

  • Design applications of advanced complexity with maximum security applied.
  • Incorporate security controls within the application pipeline for moderately complex projects.
  • Review security architecture designs independently and draft recommendations.
  • Utilize knowledge of premise or cloud-based security platforms to create implementation guides.
  • Interpret vulnerability scanning results and identify appropriate mitigation strategies.
  • Communicate InfoSec Architectural and Application Security policies to IT and non-IT resources.
  • Build relationships with developers and stakeholders to integrate security principles into engineering design.
  • Perform testing and validation of application security controls across projects.
  • Oversee implementation of defensive practices across infrastructure and applications.
  • Draft and uphold CI/CD security strategy and practices.
  • Support the incorporation of security early in the development lifecycle.
  • Identify vulnerabilities in code through assessments and promote quick remediation.
  • Communicate vulnerability results effectively to technical and non-technical business units.

Requirements

  • Bachelor's Degree in Information Security or Computer Science.
  • Typically a minimum of 4 years of relevant experience as an Information Security Analyst or related role.
  • Strong understanding of regulatory audit requirements and solutions to address findings.
  • One or more relevant certifications such as eWPTX, OSWE, CISSP, CEH, CISA, CISM, etc.
  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development lifecycle.

Nice-to-haves

  • Typically a minimum of 6 years of relevant experience.
  • Experience as an Information Security Analyst, Security focused Network Admin/Engineer, or Systems Admin/Engineer.
  • Experience with operations and security across AWS, Microsoft Azure, or Google Cloud Platform.

Benefits

  • Health insurance
  • 401k plan
  • Paid holidays
  • Flexible scheduling
  • Professional development opportunities

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service