John Galt Staffing - Dedham, MA

posted 22 days ago

Full-time
Dedham, MA
Professional, Scientific, and Technical Services

About the position

The Application Security Engineer will be responsible for ensuring the security of the company's web applications under the supervision of the Manager of Applications Development. This role involves collaborating with development teams to implement security best practices and integrating security measures into the software development life cycle (SDLC). The ideal candidate will have extensive experience with security tools and technologies, as well as a strong understanding of web application security principles.

Responsibilities

  • Develop and enforce security best practices for software development
  • Perform security audits, risk assessments, and code reviews
  • Integrate security measures into the SDLC (Software Development Life Cycle)
  • Collaborate with development teams to address security issues and ensure compliance with security standards
  • Develop and maintain secure coding guidelines for Java, Oracle, WebLogic, and J2EE technologies
  • Stay updated on the latest security threats and countermeasures
  • Internally scan applications, manage vulnerabilities, and remediate security issues
  • Work with onshore and offshore team members to conduct security updates to libraries and internal software
  • Hands-on development to implement new security features as part of any application development
  • Work closely with the infrastructure team to improve the security posture of all systems

Requirements

  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of IT development experience
  • Proficient in Java, J2EE technologies, Oracle databases, and WebLogic
  • Minimum of 3 years of experience in application security or a related field
  • Strong understanding of web application security principles and how to apply them
  • Experience with security testing tools and methodologies
  • Excellent problem-solving skills and ability to think like both a developer and a security analyst
  • Familiarity with security frameworks such as OWASP
  • Familiarity with various application security tools such as Veracode, SonarQube, DataDog, Quixxi, Rapid7
  • Security certification strongly preferred, including but not limited to CISSP, CISM, CISA