Robert Half - New Brunswick, NJ

posted 22 days ago

Full-time
New Brunswick, NJ
Administrative and Support Services

About the position

The Application Security Engineer will be responsible for safeguarding software applications throughout the development process. This role involves collaborating with development teams to implement security best practices, identify vulnerabilities, and ensure compliance with security standards. The engineer will utilize various application security tools and methodologies to enhance the security posture of the organization.

Responsibilities

  • Work with development teams to integrate security throughout the Software Development Lifecycle (SDLC), including design, coding, testing, and deployment.
  • Conduct threat modeling exercises, perform risk assessments, and recommend appropriate countermeasures.
  • Conduct secure code reviews manually and using automated tools to identify and remediate security vulnerabilities.
  • Identify, prioritize, and address vulnerabilities using tools such as static and dynamic application security testing (SAST/DAST), fuzzing, and penetration testing.
  • Implement security testing frameworks, including unit tests, integration tests, and penetration testing during development.
  • Provide security training and awareness sessions to developers and product teams, focusing on secure coding practices.
  • Assist in security incident investigations, analyze root causes, and implement preventive measures for application-level security incidents.
  • Ensure that application development adheres to relevant security standards, policies, and industry best practices (e.g., OWASP Top 10, NIST, PCI-DSS).
  • Work closely with other security teams, DevOps engineers, and IT teams to implement and monitor security measures.
  • Evaluate, deploy, and maintain application security tools and technologies such as WAF (Web Application Firewall), SAST, DAST, and security scanners.
  • Develop and integrate automated security checks into CI/CD pipelines to ensure continuous application security.
  • Collaborate with architects and system designers to propose secure application designs and architectures.

Requirements

  • Strong understanding of application security tools and methodologies.
  • Experience with security integration in the Software Development Lifecycle (SDLC).
  • Proficiency in conducting threat modeling and risk assessments.
  • Ability to perform secure code reviews and vulnerability management.
  • Experience with security testing frameworks and tools (SAST/DAST).
  • Knowledge of security standards and compliance frameworks (e.g., OWASP Top 10, NIST, PCI-DSS).
  • Strong collaboration skills to work with development, security, and IT teams.

Benefits

  • Medical insurance
  • Vision insurance
  • Dental insurance
  • Life insurance
  • Disability insurance
  • 401(k) plan
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service