Conduct security assessments that require expertise in our organization's applications, using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies
Collaborate with software development teams to integrate security into the development life cycle
Conduct security assessments of web, mobile, and other applications
Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation
Design and implement secure software development practices, including threat modeling, secure coding standards, and code review
Stay current with security threats, trends, and technologies, and recommend new security controls as needed
Conduct application security investigations and provide recommendations to mitigate risk
Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards
Requirements
Bachelor's degree in computer science, information security, or a related field
Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required
Seven (7) years or more experience in application security, security engineering, software development, or a related field, required
Five (5) years or more strong understanding of web application security and common attack vectors (e.g. SQL injection, XSS, CSRF), required
Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies, required
Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required
Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required
Seven (7) years or more development and scripting experience, required
Five (5) years or more in a professional application security role, required
Five (5) years or more experience with API and Web Security, required
Three (3) years or more experience with WAF or similar application security infrastructure, preferred
Seven (7) years or more experience in integrating security in CI/CD, DevOps, required
Six (6) years or more experience in process or operation management
Six (6) years or more experience with Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement practices
Tech Stack
SDLC
SQL
Benefits
Comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options
Paid time off for vacation, illness, bereavement, family and parental leave