Application Security Engineer

Insight Global - Middletown, PA

posted 16 days ago

Full-time
Remote - Middletown, PA
Administrative and Support Services

About the position

The Application Security Engineer will be a key member of the enterprise Information Security organization, responsible for developing and implementing a comprehensive Application Security program. This role involves traditional security engineering tasks, code reviews, vulnerability identification, and educating teams on secure coding practices. The position is fully remote and requires the individual to work during EST hours.

Responsibilities

  • Design, develop, and implement a robust Application Security program.
  • Create and maintain application security policies, standards, and procedures.
  • Work with relevant teams to integrate security into their software development lifecycle (SDLC) processes.
  • Establish metrics and reporting mechanisms to track the effectiveness of the AppSec program.
  • Conduct regular security assessments including static and dynamic code analysis.
  • Perform penetration testing on applications and systems to identify and exploit vulnerabilities.
  • Collaborate with development teams to remediate identified security issues and vulnerabilities.
  • Develop and deliver training programs on secure coding practices for development teams.
  • Participate in the incident response process, focusing on application-related security incidents.
  • Maintain comprehensive documentation for all aspects of the AppSec program.

Requirements

  • 5+ years of experience in application security and security engineering
  • Experience supporting, developing, and implementing application security programs, standards, and policies
  • Strong programming experience with Python (Java, C#, JavaScript are a plus)
  • Understanding of API frameworks and API security
  • Strong experience working in a cloud environment (AWS preferred)
  • Experience with automation tools and frameworks for security engineering
  • Exposure to container security solutions (Docker, ECS, AKS, Fargate, etc.)
  • Proven ability to work effectively with technical teams and functional, business partners
  • Excellent communication skills and experience working in a large enterprise environment
  • Experience with CI/CD pipelining
  • Experience with application/infrastructure penetration testing
  • Experience with SIEM and SOAR tools

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service