Security Engineer - Application Security

Aloden - Westlake, TX

posted 4 days ago

Full-time - Mid Level
Westlake, TX
10,001+ employees

About the position

The Security Engineer - Application Security role focuses on identifying and mitigating application security risks within a large enterprise environment. The position requires expertise in application security engineering, vulnerability assessment, and secure coding practices, with a strong emphasis on integrating security into the development lifecycle through DevSecOps practices.

Responsibilities

  • Identify and assess application security risks, vulnerabilities, and threats.
  • Conduct security assessments and penetration testing of applications.
  • Provide recommendations and guidance on secure coding practices and remediation of vulnerabilities.
  • Implement and manage automated application security testing tools.
  • Integrate security into the development lifecycle (DevSecOps).
  • Collaborate with development teams to ensure secure application development.
  • Develop and maintain security documentation and procedures.

Requirements

  • 5+ years of Application Security Engineering experience, or equivalent demonstrated through a combination of work experience, training, military experience, or education.
  • 5+ years of troubleshooting experience in complex technical environments.
  • 2+ years of experience implementing technical solutions in a large enterprise (150K+ employees).
  • 2+ years of experience with scripting tools such as Bash, Python, and PowerShell.
  • 1+ year of experience writing SQL queries.
  • 1+ year of experience building/managing MS SQL and/or Oracle databases, including data feeds and ETL.

Nice-to-haves

  • Expert understanding of OWASP Top 10 and SANS/CWE Top 25 vulnerabilities.
  • Experience in developing applications using Java, .NET (preferred), C#, JavaScript, Python, or other modern OOP languages.
  • Experience managing automated application security testing tools (SAST, DAST, SCA).
  • Ability to provide strategic and tactical security guidance for secure application development, including technical control recommendations.
  • Experience integrating application security tools into the CI/CD pipeline.
  • Experience with DevSecOps practices and principles.
  • One or more of the following application security certifications: OSCP, OSEP, OSWE, CEH, LPT, CPT, CEPT, CASS, CASE, CMWAPT, CRTOP, GIAC GEVA/GPEN/GWAPT/Google Cloud PlatformN/GXPN/GMOB/GDAT.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service