Application Security Engineer - ECA Staffing Solutions, Inc
Jacksonville, FL 32004
About the Job
Position Summary:
This position is responsible for working very closely with software development teams to implement various security controls and DevSecOps practices as part of their development lifecycle; assist in identifying, reviewing, and managing application security vulnerabilities; and provide relevant technical guidance to remediate those vulnerabilities. The ideal candidate should have a demonstrated experience in working as part of, or very closely with, agile / DevOps teams and a strong knowledge of modern software architecture styles and coding practices.
Responsibilities:
The ideal candidate will be:
Requirements:
Skills:
This position is responsible for working very closely with software development teams to implement various security controls and DevSecOps practices as part of their development lifecycle; assist in identifying, reviewing, and managing application security vulnerabilities; and provide relevant technical guidance to remediate those vulnerabilities. The ideal candidate should have a demonstrated experience in working as part of, or very closely with, agile / DevOps teams and a strong knowledge of modern software architecture styles and coding practices.
Responsibilities:
- Provide technical guidance to application development teams to understand security risk and how to remediate security vulnerabilities in code.
- Collaborate with development teams to create and maintain a Secure-SDLC and ensure that security requirements/controls can be embedded within the software application.
- Conduct manual security code reviews and identify insecure code patterns.
- Assist with onboarding new applications to SAST, DAST, and SCA tools.
- Monitor scanning tools for new vulnerabilities and review false positives.
- Review and validate resolved security bugs and bring them to closure
- Implement innovative solutions to scale the program with emphasis on automation where applicable.
- Write and maintain automation scripts to support custom integrations with scan tools and reports.
- Establish and maintain excellent relationships with customer / business units.
- Actively participate with the team to identify opportunities for improvement in our vulnerability management program.
- Keep abreast of and provide recommendations on emerging security technologies/tools.
- Perform other duties as assigned.
The ideal candidate will be:
- Accountable - takes accountability for the success of the application security assignments. Continually evaluates outstanding items for follow up and bringing tasks to closure. Takes action to mitigate risks and resolve issues.
- Collaborative – Facilitates interaction, discussion and drives decisions required to meet deliverables.
- Pragmatic Problem Solver – demonstrated ability to engage stakeholders and facilitate practical solutions. Looks to resolve, not to blame. Bases recommendations and decisions on facts.
- Multi Task Oriented - proven ability to manage multiple concurrent projects and drive projects to successful completion.
Requirements:
- Software development experience, especially in Microsoft technologies (e.g. C#, .NET, Azure, MS SQL Server)
- Good understanding of modern web application architectures and frameworks.
- Familiarity with basic web application security issues, such as those outlined in OWASP Top 10.
- Ability to use DevOps CI/CD tools.
- Experience working with DevOps methodologies and tools.
- Experience with scripting or shell languages such as Python or PowerShell.
- Familiarity with application security scanning tools and methodologies (SAST, DAST, SCA).
- Knowledge of application security throughout the software lifecycle.
- Familiarity with secure coding practices.
- Ability to perform manual and automated testing to identify vulnerabilities.
- Experience working collaboratively with engineers.
- Excellent communication skills including presentation and documentation.
Skills:
- Development in C#, .NET framework, .NET Core and JavaScript.
- Using Relational DBMS / SQL.
- Experience working with Git repositories, software build tools, and software deployment tools.
- MS Office skills (Excel, Word, etc).
- Strong organizational skills required.
- Strong interpersonal skills required.
Source : ECA Staffing Solutions, Inc