Application Security Engineer at Motion Recruitment
Arlington, TX 76001
About the Job
Senior Engineer- Information SecurityAs a Senior Application Security Engineer, you will play a critical role in strengthening the security of our applications throughout their entire lifecycle
You will work closely with development teams to embed security best practices, conduct comprehensive threat modeling, and leverage OWASP ASVS techniques to identify and mitigate vulnerabilities.The company is located in Reston, VA and will require onsite a couple times a month.What You Will Be DoingLead and support the adoption of secure coding practices across development teamsConduct in-depth threat modeling for both new and existing applications to identify potential security risksPerform proactive security assessments and code analysis to uncover and address vulnerabilitiesParticipate in code reviews for languages such as Java, Python, etc.Conduct both manual and automated secure code reviews for various programming languagesCollaborate with developers to provide actionable remediation guidance and promote secure coding practicesImplement and maintain automated security testing tools and processesAssess third-party libraries and dependencies for potential security risksStay updated on evolving security threats, vulnerabilities, and technologies to continually enhance application security strategiesWork with cross-functional teams, including Engineering and Operations, to integrate security within the software development lifecycle (SDLC)Required Skills & Experience:Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience)10+ years of proven experience in Application Security Engineering or a similar positionStrong knowledge of OWASP ASVS and application security best practicesSolid experience with threat modeling methodologies and tools5+ years of hands-on development experience in one or more programming languages such as Java, C, C++, or PythonExpertise in secure coding practices (e.g., encryption, authentication, secure API design)Proficiency in security assessments, including penetration testing and code reviewsExperience with SAST, DAST, and SCA tools like CodeQL, Burp Suite Enterprise, etc.Strong communication skills, with the ability to explain technical concepts to non-technical audiencesCertifications such as CEH or equivalent are a plusThe Offer:
15% bonusApplicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.Specialization:
You will work closely with development teams to embed security best practices, conduct comprehensive threat modeling, and leverage OWASP ASVS techniques to identify and mitigate vulnerabilities.The company is located in Reston, VA and will require onsite a couple times a month.What You Will Be DoingLead and support the adoption of secure coding practices across development teamsConduct in-depth threat modeling for both new and existing applications to identify potential security risksPerform proactive security assessments and code analysis to uncover and address vulnerabilitiesParticipate in code reviews for languages such as Java, Python, etc.Conduct both manual and automated secure code reviews for various programming languagesCollaborate with developers to provide actionable remediation guidance and promote secure coding practicesImplement and maintain automated security testing tools and processesAssess third-party libraries and dependencies for potential security risksStay updated on evolving security threats, vulnerabilities, and technologies to continually enhance application security strategiesWork with cross-functional teams, including Engineering and Operations, to integrate security within the software development lifecycle (SDLC)Required Skills & Experience:Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience)10+ years of proven experience in Application Security Engineering or a similar positionStrong knowledge of OWASP ASVS and application security best practicesSolid experience with threat modeling methodologies and tools5+ years of hands-on development experience in one or more programming languages such as Java, C, C++, or PythonExpertise in secure coding practices (e.g., encryption, authentication, secure API design)Proficiency in security assessments, including penetration testing and code reviewsExperience with SAST, DAST, and SCA tools like CodeQL, Burp Suite Enterprise, etc.Strong communication skills, with the ability to explain technical concepts to non-technical audiencesCertifications such as CEH or equivalent are a plusThe Offer:
15% bonusApplicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.Specialization: