Application Security Engineer

Intone Networks - New York, NY

posted about 1 month ago

Full-time - Mid Level
New York, NY
Professional, Scientific, and Technical Services

About the position

The Application Security Engineer will work closely with development, engineering, and operational teams to establish and uphold secure application architectures. This role focuses on implementing security best practices, advising teams on threat mitigation, and integrating security tools throughout the development lifecycle.

Responsibilities

  • Collaborate with product development, management, and engineering teams to design security architectures that ensure compliance with regulations (e.g., HIPAA, SHIELD Act) and meet operational requirements.
  • Provide hands-on guidance to engineering teams for implementing security controls, best practices, and recommendations.
  • Develop and integrate Secure Development Lifecycle (SDL) processes and tools within the CI/CD pipeline.
  • Assist teams in performing threat modeling, identifying application vulnerabilities, and recommending mitigation strategies.
  • Support the analysis of vulnerability and static/dynamic scan results, offering technical solutions to mitigate risks.
  • Identify and automate security solutions and tasks using appropriate tools and techniques.

Requirements

  • Strong understanding of application security standards and best practices (OWASP, SANS, NIST).
  • Expertise in integrating security into the SDLC, performing threat modeling, and risk assessments.
  • Experience with API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM).
  • Proficient in DevOps/DevSecOps and integrating security into CI/CD pipelines.
  • Self-motivated with strong collaboration skills in a fast-paced agile environment.
  • 3+ years of experience with security tools like SD Elements, Veracode, Tenable, or Rapid7.
  • Familiarity with integrating issue tracking into ServiceNow (a plus).
  • 10 years of Information Technology experience.
  • 5 years of Application Development experience.
  • 7+ years of security engineering experience.
  • Bachelor's degree in information security/systems or equivalent experience.
  • CISSP/CCSP certification is a plus.

Nice-to-haves

  • Familiarity with integrating issue tracking into ServiceNow (a plus).
  • CISSP/CCSP certification is a plus.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service