Application Security Engineer - Itengagements : Job Details

5 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Greeting from IT Engagements…!IT Engagements is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. We have an immediate opening for the below position with our premium clients.Role: Application Security Engineer (prior Java or C#)Location: Hybrid/NYCJob DescriptionHYBRID ROLE. MUST live in NYC area and able to work onsite in NYC 3 days a week.Our software client based in the NYC area has an immediate need for an Application Security Engineer Lead to join their security team to proactively identify and resolve security risks, issues and incidents. The successful engineer with proactively assesses information risk and facilitate remediation of identified vulnerabilities within the client's network, systems and applications.Responsibilities

• Proactively identify and resolve security risks, issues and incidents.
• Evaluate and assess information risk, as well as remediation of identified vulnerabilities with the ecosystem.
• Report on findings and recommendations for corrective action.
• Perform assigned vulnerability assessments utilizing enterprise security tools and methodologies.
• Perform assessments of IT security/risk posture within the IT network, systems and software applications.
• Drive security mitigation efforts through identification of opportunities to reduce risk and document remediation options regarding risk scenarios.
• Facilitate and monitor performance of risk remediation tasks.
• Design security solutions to address security vulnerabilities and weaknesses
• Continuously update the monitoring environment and tools in order to provide the correct level of insight into the environment
• Technical point of contact/lead for product teams as it relates to automation, CI/CD, and Product Application Security Operations.
• Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team.

Required Experience

• 7+ years of experience in application security roles with increasing responsibility, including leadership responsibilities.
• 5+ years or experience in an enterprise technology environment, with responsibilities across a operations, networking, systems and infrastructure architecture, or other as applicable technical areas.
• Prior development experience in Java or C#
• 3+ years of experience in a Security Operations Center or Continuous Monitoring role
• 3+ years of experience in Web Application Security, SSDLC and Threat Modelling.
• Prior hands on experience with Software Development Java / C# / C++.
• Experience with a variety of Continuous Monitoring, and vulnerability scanning tools
• Must have hands on infrastructure security skills including IDS/IPS, firewall, SIEM, server and OS hardening, malware detection, physical security, transport and at-rest encryption on file systems, DB, and other data persistence mechanisms.
• Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning
• Prior experience implementing SOX, PCI, ISO, NIST 800-53, NIST CSF,
• SonarQube, Snyk, Qualys, Wiz.
• DEEP understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies.
• Excellent written and verbal communication skills — including the ability to effectively communicate security- and risk-related concepts to technical and nontechnical audiences — and strong interpersonal and collaborative skills
• Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
• Strong preference for ISC2, SANS, ISACA, or other recognized security professional credentialing organizations.
• Bachelor's degree in information systems, engineering or equivalent work experience, preferably Information System management / Computer Science / Information Security or a related technical discipline.

Thank [email protected]

Seniority level

• Seniority levelMid-Senior level

Employment type

• Employment typeContract

Job function

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting

Referrals increase your chances of interviewing at IT Engagements, Inc. by 2x

Get notified about new Application Security Engineer jobs in New York, NY.

Application Security Engineer (prior Java or C#)Application Security Engineer - Enterprise Engineering

New York, NY $147,000.00-$208,000.00 3 weeks ago

New York, NY $135,000.00-$200,000.00 2 days ago

New York City Metropolitan Area 2 weeks ago

Senior Application Security Engineer (Infrastructure and Security) – New York – Competitive Salary + Competitive Package + Opportunity to work with an Ambitious, Young, Growing Organisation!

New York, NY $180,000.00-$220,000.00 1 day ago

Cyber Security Detection Engineer - (Fulltime)100% RemoteApplication Offensive Security Consultant | Application Security Testing

New York City Metropolitan Area $90.00-$100.00 1 week ago

Iselin, NJ $140,000.00-$180,000.00 3 weeks ago

Application Security Engineer - FinTech/Crypto

New York, NY $185,000.00-$215,000.00 4 weeks ago

Manhattan, NY $150,000.00-$190,000.00 4 days ago

Security Engineer II, Stores Application SecuritySoftware Engineer II, Application SecurityApplication Security Engineer - Lead Information Security Engineer

New York City Metropolitan Area $160,000.00-$180,000.00 29 minutes ago

Security Engineer II, Stores Application SecuritySenior Security Engineer - Application Security

New York, NY $187,000.00-$240,000.00 1 day ago

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr