Robert Half - New York, NY

posted 27 days ago

Full-time - Mid Level
New York, NY
Administrative and Support Services

About the position

The Application Security Engineer role is essential for ensuring the security of applications, services, and infrastructure by integrating security practices into the Software Development Lifecycle (SDLC). This position involves identifying and mitigating security risks, collaborating with various teams, and advocating for secure coding practices throughout the development process.

Responsibilities

  • Lead the integration of security practices into all phases of the SDLC, including planning, development, testing, and deployment
  • Identify, assess, and prioritize security risks within applications, services, and infrastructure, and collaborate with cross-functional teams to mitigate these risks
  • Conduct threat modeling exercises to anticipate potential attack vectors and vulnerabilities, and work with development teams to implement countermeasures
  • Perform application security assessments, including code reviews, vulnerability scanning, penetration testing, and static/dynamic analysis
  • Advocate for secure coding practices and design patterns, providing guidance to development teams to reduce security vulnerabilities
  • Collaborate with the incident response team to investigate, analyze, and remediate security incidents related to applications and services
  • Deploy and maintain application security tools such as static code analysis, dynamic testing tools, and dependency analysis
  • Educate and mentor developers and engineering teams on secure coding practices and emerging security threats
  • Ensure compliance with industry standards, regulations, and best practices (e.g., OWASP, NIST, GDPR) in the context of application security
  • Stay current on the latest security trends, vulnerabilities, and technologies, and recommend and implement improvements to existing security processes and policies

Requirements

  • Possess a minimum of 5 years of experience in the field of application security engineering
  • Must have a strong understanding of SDLC - Software Development Life Cycle
  • Experience with HITRUST is required
  • Knowledge and experience with Open Web Application Security Project is essential
  • Proficiency in Application Security is a must
  • Strong background in Python scripting is necessary
  • Ability to work independently and as part of a team
  • Excellent communication and problem-solving skills
  • Demonstrated ability to handle multiple tasks and prioritize work
  • Must have a strong ethical standpoint and respect for confidentiality requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related field is preferred.

Benefits

  • Medical insurance
  • Vision insurance
  • Dental insurance
  • Life insurance
  • Disability insurance
  • 401(k) plan
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service