Job ID: 3549
Job Title: Application Security Engineer
Location: 100% REMOTE
Job Type: Perm Full-Time
Salary: Highly Competitive
Security Engineer Job Description:
Our client is looking for a remote Security Engineer who will play a key role as part of the Infosec team. The successful candidate will have a strong background in the following areas:
Strong foundational and working knowledge of security best practices and their integration into workflows Designing and implementing modern security reference architecture Working with Dev/Engineering resources to build foundationally secure applications Responsibilities include:
Develop and maintain internal application security tooling. Automate security testing and vulnerability management procedures where reasonable. Assist in the integration of security into the build/deployment process. Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure. Provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services. Perform vulnerability research, assessment, and management; serve as a technical security/risk advisor on all new technologies used/developed such as AWS, session management, SSO, Database, WAF, and open-source libraries. Support the engineering team by suggesting remediation strategies for reported vulnerabilities. Assist developers in remediating vulnerabilities by providing line-by-line guidance. Provide training and education to developers on software security best practices in various cloud-based systems. Utilize dynamic application vulnerability scanning. Utilize static application vulnerability scanning. Minimum Qualifications:
Bachelors Degree in InfoSec, Computer Science, or a related discipline. Experience with full-stack web development. Working knowledge of SQL. Complete, deliver, and maintain compliance documentation for internal and external users. Experience developing and working with Web APIs. Experience interpreting results from Static Code Scanning tools. Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, OKTA, and other SSO technologies. Experience with creating and maintaining Threat Models at scale. Experience with securing database platforms. Experience in remediating security vulnerabilities beyond OWASP Top 10. Experience in performing security assessments on cloud-based multi-tenant Software-as-a-Service (SaaS) applications. Experience in assessing the security of native and hybrid mobile applications beyond the use of automated tools. Functional knowledge of AWS application infrastructure. Preferred Qualifications:
Experience developing in PHP/Laravel Framework. Experience with RDS. Experience in at least one scripting language (Python/Ruby/Perl). Experience working with SaaS applications, preferably in the EdTech or AI/ML Space. Benefits:
- An amazing team of friendly and inclusive people who pull together and openly help each other.
- Passionate team members who have fun, work productively, and take pride in everything we do.
- Were curious to explore new ideas, find innovative solutions, and were not afraid to learn as we grow.
- We work remotely.
- We recharge with unlimited PTO.
- Our focus is on team member health and well-being we have a Health Day once a month.
- We offer a comprehensive healthcare program.
SherlockTalent loves to share a $500 referral bonus!
U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.
#J-18808-Ljbffr
