Application Security Engineer

The Active Network - Atlanta, GA

posted 13 days ago

Full-time - Mid Level
Remote - Atlanta, GA
1,001-5,000 employees

About the position

The Application Security Engineer is responsible for designing and implementing secure applications that meet business functionality and performance needs. This role involves applying security controls within the application development pipeline, reviewing security architecture designs, and interpreting vulnerability scanning results. The engineer will work closely with developers and stakeholders to integrate security principles throughout the software development lifecycle, ensuring that security measures are effective and compliant with regulatory requirements.

Responsibilities

  • Designs applications of advanced complexity with maximum security applied.
  • Applies application development understanding and includes security controls within the application pipeline for moderately complex projects.
  • Reviews security architecture designs independently and drafts recommendations.
  • Utilizes knowledge of premise or cloud-based security platforms to build implementation guides.
  • Interprets vulnerability scanning results to identify and mitigate true issues.
  • Communicates InfoSec policies and guidelines to IT and non-IT resources.
  • Builds relationships with developers and stakeholders to incorporate security principles into engineering design.
  • Performs testing and validation of application security controls across projects.
  • Oversees implementation of defensive practices across infrastructure and applications.
  • Drafts and upholds CI/CD security strategy and practices.
  • Supports early incorporation of security throughout the development lifecycle.
  • Identifies vulnerabilities in code through assessments and promotes quick remediation.
  • Communicates vulnerability results effectively to technical and non-technical business units.

Requirements

  • Bachelor's Degree in Information Security or Computer Science.
  • Typically a minimum of 4 years of relevant experience as an Information Security Analyst or related role.
  • Strong understanding of regulatory audit requirements and solutions to address findings.
  • One or more security certifications such as eWPTX, OSWE, CISSP, CEH, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, Security +, CGEIT, CCSP.
  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development lifecycle.

Nice-to-haves

  • Typically a minimum of 6 years of relevant experience.
  • Experience as an Information Security Analyst, Security focused Network Admin/Engineer, or Systems Admin/Engineer.
  • Experience with operations and security across AWS, Microsoft Azure, or Google Cloud Platform.

Benefits

  • Health insurance coverage
  • 401k retirement savings plan
  • Paid holidays
  • Flexible scheduling options
  • Professional development opportunities

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service