Robert Half - New Brunswick, NJ

posted 20 days ago

Full-time - Mid Level
New Brunswick, NJ
Administrative and Support Services

About the position

The Application Security Engineer will be responsible for safeguarding software applications throughout the development process. This role involves collaborating with development teams to implement security best practices, identify vulnerabilities, and ensure compliance with security standards. The engineer will utilize various application security tools and methodologies to enhance the security posture of the organization.

Responsibilities

  • Integrate security throughout the Software Development Lifecycle (SDLC) including design, coding, testing, and deployment.
  • Conduct threat modeling exercises and perform risk assessments to recommend appropriate countermeasures.
  • Perform secure code reviews manually and using automated tools to identify and remediate security vulnerabilities.
  • Identify, prioritize, and address vulnerabilities using tools such as SAST, DAST, fuzzing, and penetration testing.
  • Implement security testing frameworks, including unit tests, integration tests, and penetration testing during development.
  • Provide security training and awareness sessions to developers and product teams focusing on secure coding practices.
  • Assist in security incident investigations, analyze root causes, and implement preventive measures for application-level security incidents.
  • Ensure that application development adheres to relevant security standards, policies, and industry best practices.
  • Collaborate with other security teams, DevOps engineers, and IT teams to implement and monitor security measures.
  • Evaluate, deploy, and maintain application security tools and technologies such as WAF, SAST, DAST, and security scanners.
  • Develop and integrate automated security checks into CI/CD pipelines to ensure continuous application security.
  • Collaborate with architects and system designers to propose secure application designs and architectures.

Requirements

  • Strong understanding of application security tools and methodologies.
  • Experience with security integration in SDLC.
  • Proficiency in threat modeling and risk assessment techniques.
  • Ability to conduct secure code reviews and vulnerability management.
  • Experience with security testing frameworks and incident response.

Nice-to-haves

  • Familiarity with OWASP Top 10, NIST, and PCI-DSS compliance frameworks.
  • Experience with automation in CI/CD pipelines.
  • Knowledge of secure application design principles.

Benefits

  • Medical insurance
  • Vision insurance
  • Dental insurance
  • Life and disability insurance
  • 401(k) plan