Talent.com
TEKsystems
Sr. Application Security Engineer - Work from home

TEKsystems • Morrisville, NC, USA
30+ days ago
Job type
  • Full-time
  • Remote
Job description
Description :

What will this person do?

This individual is accountable for identifying weaknesses in our security posture within the application or web space while defining methods to achieve security control requirements via automation or highly efficient means that further support timely delivery and minimal overhead. They work in a team of infrastructure specialists and engineers making sure services are delivered and used securely as required. Works with and supports third parties to provide security services. The Sr. Application Security Engineer will advise and enable development and technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns.

Best fit candidate will have a strong understanding of S-SDLC (Secure Software Development Life Cycle) process and implementation. Have a strong understanding of the OWASP top 10 Framework with Excellent communication skills to help guide / educate developers on creating code with security in mind in each phase of the SDLC.

Responsibilities :
- Act as the point of contact for Application engineering and security.
- Participate in security code reviews, and automate penetration testing against products prior to move to production.
- Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure their architecture.
- Review development frameworks for security functionality, consistency, and uplift opportunities.
- Create threat models and leverage them to prioritize time based on risk impact.
- Educate and train product teams.
- Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects.
- Implement and / or assess existing security controls.
- Translates logical designs into physical designs.
- Produces detailed designs and documents all work using required standards, methods and tools, including prototyping tools where appropriate.
- Designs systems characterized by managed levels of risk, manageable business and technical complexity and meaningful impact.
- Works with well-understood technology and identifies appropriate patterns.

Client Job Description :

The Application Engineer, Cyber Security is responsible for building, managing and supporting information security that underpins all internal and external user technology services, according to security policies and best practices. The Application Engineer, Cyber Security has strong development experience in numerous programming languages and is the subject matter expert (SME) for concepts behind security controls and how they apply to application development, web presence and API services.

This individual is accountable for identifying weaknesses in our security posture within the application or web space while defining methods to achieve security control requirements via automation or highly efficient means that further support timely delivery with minimal overhead. They work across internal and external teams of infrastructure specialists and software engineers making sure services are delivered and used securely as required, offering advice and guidance on security decisions and ensuring the effective use of common tools and patterns.

The incumbent must have a service-oriented mentality, a high sense of ownership of the problems and requests assigned, a focus on managing and resolving issues in alignment with the SLAs, establishing and maintaining communication with technology customers to keep them updated with status of their requests, initiating and performing changes on production systems and proactively escalating any issues that cannot be resolved within the established timeframes.

Additional insights, experience or background in any of the following are also of great value : NIST, ISO27001, Data Protection, Python Development, Static Code Analysis, Dynamic Code Analysis, Penetration Testing, Containers, MicroServices, CI / CD Pipeline, Agile, Git, Jira, Docker, Kubernetes, cloud security (AWS, Azure, GCP) and design, process maturity, and other related focuses.

Primary Accountabilities :

Technical (80%)
- Be the security representative for multiple product lines and act as the point of contact for software engineering and security.
- Perform architecture reviews to steer projects in the right direction, participate in security code reviews, and automate penetration testing against products prior to move to production.
- Support software engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure their architecture.
- Review development frameworks for security functionality, consistency, and uplift opportunities.
- Create threat models and leverage them to prioritize time based on risk impact.
- Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects.
- Implement and / or assess existing security controls.
- Translate logical designs into physical designs; produce detailed designs and document all work using required standards, methods and tools, including prototyping tools where appropriate.
- Design systems characterized by managed levels of risk, manageable business and technical complexity and meaningful impact; works with well-understood technology and identifies appropriate patterns.

Project Management (20%)
- Work with application development teams to ensure secure software development lifecycle (S-SDLC) implementation and validation.
- Educate and train product teams.
- Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical cyber security subjects.

Specific Technical Skills Needed :

Security and Risk Assessment :
- Aware of Security governance principles and able to apply them to the enterprise
- Understands the legal and regulatory Issues relevant to the enterprise and does not place the enterprise at risk.

Security Engineering :
- Working knowledge of secure design principles
- Working knowledge of database security
- Working knowledge of cloud computing
- Working knowledge of Cryptography

Identity and Access Management :
- Physical and logical access
- LDAP
- Multi-factor authentication
- Session management
- Credential management

Software Development Security :
- Working knowledge of software development lifecycles
- Working knowledge of what software development methodologies are used in the enterprise and can explain what it means
- Familiar with DevOps concepts
- Working knowledge of security vulnerabilities and understands how the following work : Bounds checking, Input / output validation, Buffer overflow, Privilege escalation
- Working knowledge of secure coding practices
- Working knowledge of code repositories

Individual Competencies :
- Integrity : Gains the trust of others by taking responsibility for own actions and telling the truth.
- Teamwork : Builds relationships and works cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually-beneficial partnerships, leverage information and achieve results.
- Adaptable : Responds to change with a willingness to learn new ways to accomplish work objectives with a positive attitude.
- Innovative : Ability to develop, sponsor, or support the introduction of new and improved methods, products, procedures or technologies.
- Curious : A desire to inquire and learn, to seek new knowledge and wisdom, and to listen to the contributions of others with a genuine interest to better self, the team, and the organization.
- Analytical and Critical Thinking : Ability to tackle a problem by using a logical, systematic, sequential approach.
- Problem Solving : Gathers and analyzes information to generate and evaluate potential solutions to problems, issues and challenges while weighing the accuracy and relevance of the facts, data and information.

Skills : Applications Security, S-SDLC, SDLC, OWASP Top 10, Developer, Cloud, Information security, Code Review, Threat Modeling, owasp, Application security, Security architecture, Vulnerability, code deployment

Top Skills Details : Applications Security, S-SDLC, SDLC, OWASP Top 10, Developer, Cloud, Information security, Code Review, Threat Modeling

Additional Skills & Qualifications :

Required Qualifications :
- Bachelor’s degree in Computer Science, Information Technology or related field
- 8-10 years of related work experience with application security, e.g. DAST, SAST, SCA, cloud security
- Or any equivalent combination of experience and training / certification that provides the required knowledge, skills, and abilities needed to complete the major responsibilities / essential functions of the position
- Certifications preferred. OSCP, CISSP, GCIH, GXPN, GPEN
- Working experience in web and mobile application security
- Working experience in distributed platform development security and design
- In-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)
- Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)
- Working experience with industry tools and technologies such as Burp, Metasploit, etc.
- Working knowledge of common languages

Experience Level : Expert Level

About TEKsystems :

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.