GuidePoint SecurityRemote
Application Security Engineer - North Central region (Remote in the U.S.)
United States of America
Full Time
2 days ago
No H1B
Key skills
JavaScriptPythonJavaC#C++CPHPGitHubSDLCCI/CDCommunicationCheckmarx
About this role
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The Application Security Engineer will run security tools, work with development teams to remediate vulnerabilities, and provide security guidance throughout the software development lifecycle.
Responsibilities:
- Run client SAST/DAST/SCA tools, review outputs and provide recommendations
- Work with development teams to identify and remediate security vulnerabilities
- Provide security guidance during the software development lifecycle (SDLC)
- Identify, track, and prioritize security vulnerabilities
- Validate fixes and conduct retesting
- Implement and maintain application security tools and scanning solutions
- Create reports for technical and non-technical stakeholders
Requirements:
- 2-3 years experience working in Application Security
- Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. GitHub, etc.)
- Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
- Deep knowledge of manual testing tools such as Burp Suite Pro
- Knowledge of and experience with SAST/DAST/SCA Application Security tools
- Experience with the integration of tools into development pipelines
- Understanding of a broad range of Application Security issues as well as their mitigation strategies
- Understanding of Application Security related vulnerabilities
- Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus
- Written communication skills for written interactions with clients
- Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information
- Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice
- Knowledge of and experience with Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred
- Bachelor's degree in Computer Science or Information Security preferred
- Standard industry certifications are preferred