Application Security Engineer local to Houston, TX - Hybrid role
- Full Time, onsite
- Technology Consultants, Inc.
- Hybrid3 days onsite and 2 days remote, United States of America
Apply on
Position: Application Security Engineer
Location: Houston, TX (3 days a week onsite is must)
Duration: 6 Months
Job Description:
What you ll be responsible for:
Collaborate with development teams to identify and mitigate product and solution architecture security vulnerabilities.
Engage closely with enterprise security team and Credit Union (CU) solution development teams to conduct thorough enterprise security assessments, review findings, and implement highly effective remediation strategies.
Provide guidance and training to development teams on secure coding practices and security best practices.
Attend software architecture review sessions to assess designs from a security standpoint, ensuring compliance with established security standards, policies, and requirements. Contribute by providing insights, asking pertinent security-related questions, and offering recommendations to enhance the security posture of the proposed solutions.
Stay current on security threats, trends, and technologies to address emerging risks proactively.
Effective communicator delivering key messages to team stakeholders and business partners using clear, informative verbal and written communications.
Experience in application and product security coupled with a strong understanding and knowledge of relevant technology stacks.
Understanding of software development and system configurations and being able to recommend modifications to those to ensure better security posture.
What you ll need to have:
Bachelor s degree in computer science, Information Security, or equivalent experience
Proven experience working as an Application Security Engineer.
Strong understanding of software development processes and methodologies.
Ability to work collaboratively in a team environment and adapt to a dynamic and evolving security landscape.
Hands-on experience with security tools and vulnerability report analysis.
Knowledge of security standards and frameworks like OWASP, NIST, and CIS.
Excellent communication skills to convey complex security concepts and findings to both technical and non-technical stakeholders.
Strong analytical skills and proficiency in data analysis tools and technologies.
What would be nice for you to have:
Coding experience with two or more programming languages
Familiarity with PCI DSS (Payment Card Industry Data Security Standard) requirements and best practices
Experience with penetration tests and penetration test report analysis.
Understanding of three or more security domains (such as platform security, network security, application security, etc.).
Knowledge of security information and event management (SIEM) systems and security data analytics tools.
Sateesh