Agile DefenseRemote
Senior Application Security Engineer
United States
Full Time
3 hours ago
$115,000 - $145,000 USD
No Visa Sponsorship
Key skills
JavaLinuxPython.NETC#COWASP
About this role
Role Overview
- Work together with the client and application community to maintain a resilient security posture for highly visible applications.
- Remediate application security flaws in conjunction with the application security team.**Lead security discussions with the application teams to prescribe security best practices within their development lifecycle.
- Perform dynamic and static application performance testing, perform security requirements creation or generation-level threat modeling leveraging tools, including SD Elements, and perform application-level testing using applications such as Burp Suite.
- Work with the latest OWASP frameworks.
Requirements
- IT related Bachelor's Degree
- 6+ years of Information Technology experience
- 3+ years of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Burp Suite
- The areas of focus are Burp Enterprise experience performing DAST scanning. Many candidates have experience with Burp Professional, but this is focused on SAST scanning. The candidate should also have Veracode experience performing SAST scanning. Candidate need to know their way around a Linux environment and some type of coding and/or scripting experience is a must.
- Must be a U.S. citizen and able to get a public trust.
- 1+ year of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode
- 2+ years of experience with Java, Python, .NET, or C#
- 3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, network, or infrastructure services
- Experience with Eclipse, JDeveloper, including pipeline development, or Visual Studio
- Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25
- Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP
- 2+ years experience working in Linux based environments, including navigating and troubleshooting basic website connectivity issues
Tech Stack
- Java
- Linux
- Python
- .NET