Application Security Engineer (Remote)
Job ID: 3549 Job Title: Application Security Engineer Location: 100% REMOTE Job Type: Perm Full-Time Salary: Highly Competitive Security Engineer Job Description: Our client is looking for a remote Security Engineer who will play a key role as part of the Infosec team. The successful candidate will have a strong background in the following areas: •Strong foundational and working knowledge of security best practices and their integration into workflows •Designing and Implementing modern a security reference architecture •Working with Dev/Engineering resource to build foundationally secure applications Responsibilities include:
- Develop and maintain internal application security tooling.
- Automate security testing and vulnerability management procedures where reasonable.
- Assist Integration of security into the build/deployment process.
- Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure.
- Provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services.
- Perform vulnerability research, assessment, and management, serve as a technical security/risk advisor on all new technologies used/developed such as AWS, session management, SSO, Database, WAF, Opensource libraries.
- Support the engineering team by suggesting remediation strategies for reported vulnerabilities.
- Assist developers in remediating vulnerabilities by providing line-by-line guidance.
- Provide training and education to developers on software security best practices in various cloud-based systems. •Utilize dynamic application vulnerability scanning
- Utilize static application vulnerability scanning ls Minimum Qualifications:
- Bachelors’ Degree in InfoSec, Computer Science, or a related discipline.
- Experience with full-stack web development.
- Working knowledge of SQL. •Complete, deliver and maintain compliance documentation for internal and external users.
- Experience developing and working with Web APIs.
- Experience interpreting results from Static Code Scanning tools.
- Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, OKTA, and other SSO technologies.
- Experience with creating and maintaining Threat Models at scale.
- Experience with securing database platforms.
- Experience in remediating security vulnerabilities beyond OWASP Top 10.
- Experience in performing security assessments on cloud-based multi-tenant Software-as-a-Service (SaaS) applications
- Experience in assessing the security of native and hybrid mobile applications beyond the use of automated tools.
- Functional knowledge of AWS application infrastructure Preferred Qualifications
- Experience developing in PHP/Larvel Framework
- Experience with RDS
- Experience in at least one scripting language (Python/Ruby/Perl/)
- Experience working with SaaS applications preferably in the EdTech or AI/ML Space Benefits
- An amazing team of friendly and inclusive people who pull together and openly help each other
- Passionate team members who have fun, work productively and take pride in everything we do
- We’re curious to explore new ideas, find innovative solutions and we’re not afraid to learn as we grow
- We work remotely
- We recharge with unlimited PTO
- Our focus is on team member health and well-being – we have a Health Day once a month
- We offer a comprehensive healthcare program SherlockTalent loves to share a $500 referral bonus! "U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time." Apply tot his job
Apply tot his job Apply To this Job