Security Engineer - Application Security - Aloden LLC
Westlake, TX 78746
About the Job
Security Engineer - Application Security , Only W2 (Citizen, GC, GC EAD and H4EAD)
Locations: Charlotte, NC; Chandler, AZ; Westlake, TX (Hybrid - 3 days onsite, 2 days WFH)
Duration: 12+ Months Contract
Required Qualifications:
- Experience:
- 5+ years of Application Security Engineering experience, or equivalent demonstrated through a combination of work experience, training, military experience, or education
- 5+ years of troubleshooting experience in complex technical environments
- 2+ years of experience implementing technical solutions in a large enterprise (150K+ employees)
- 2+ years of experience with scripting tools such as Bash, Python, and PowerShell
- 1+ year of experience writing SQL queries
- 1+ year of experience building/managing MS SQL and/or Oracle databases, including data feeds and ETL
Desired Qualifications:
- Application Security Expertise: Expert understanding of OWASP Top 10 and SANS/CWE Top 25 vulnerabilities
- Development Experience: Experience in developing applications using Java, .NET (preferred), C#, JavaScript, Python, or other modern OOP languages.
- Security Tool Management: Experience managing automated application security testing tools (SAST, DAST, SCA)
- Secure Development Guidance: Ability to provide strategic and tactical security guidance for secure application development, including technical control recommendations.
- CI/CD Integration: Experience integrating application security tools into the CI/CD pipeline.
- DevSecOps: Experience with DevSecOps practices and principles.
- Certifications: One or more of the following application security certifications: OSCP, OSEP, OSWE, CEH, LPT, CPT, CEPT, CASS, CASE, CMWAPT, CRTOP, GIAC GEVA/GPEN/GWAPT/GCPN/GXPN/GMOB/GDAT
Responsibilities:
- Identify and assess application security risks, vulnerabilities, and threats.
- Conduct security assessments and penetration testing of applications.
- Provide recommendations and guidance on secure coding practices and remediation of vulnerabilities.
- Implement and manage automated application security testing tools.
- Integrate security into the development lifecycle (DevSecOps).
- Collaborate with development teams to ensure secure application development.
- Develop and maintain security documentation and procedures.
Source : Aloden LLC