Epicareer Might not Working Properly
Learn More

Application Security Engineer

Salary undisclosed

Apply on


Original
Simplified
ImagineX is a Software Company whose goal is to help our clients transform their businesses by embracing emerging technologies such as Cloud, Cybersecurity, and Mobile. Through the use of our experimentation techniques and modern delivery methods, we assist our clients in driving higher quality solutions to market faster.

We're looking for anApplication Security Engineerto join our growing team.Our execution success is rooted in our unique model that is supported by our industry partners and specialists. TheImagineX culturethrives on entrepreneurship, risk taking, mutual trust, teamwork, encouraging change, and letting our consultants own their way of working.

This is a 100% remote position, no additional travel required, aggressive salary and bonus packages, and 401K matching.

Must be comfortable working standard west coast hours.

Duties:

  • Provide guidance and assistance to development personnel in understanding security vulnerabilities and remediation options
  • Collaborate with developers to ensure adherence to security best practices during development cycles
  • Utilize SAST and DAST tools for thorough security testing and validation of remediation efforts
  • Recommend efficient solutions for fixes to streamline the remediation process
  • Assist in building out the capabilities of a DevSecOps Team, contributing to integrating security practices into CI/CD pipelines
  • Automate existing manual processes to improve the efficiency of development workflows
  • Analyze findings from penetration tests and propose remediation tasks
  • Support assigned teams with technical aspects of the remediation process
  • Monitor and track progress on remediation tasks to ensure completion

Required:

  • 5+ years' experience as an Application Security Engineer using technologies such as Qualys WAS, Wiz, Javascript, C#.NET/Java
  • Strong static analysis tools (SAST) to secure applications including Veracode, Fortify, SonarQube and Checkmarx
  • Must have solid experience in dynamic security testing (DAST) and how to integrate security tools within the CI/CD pipeline
  • Experience mitigating SQL injection vulnerabilities
  • Strong experience on how to secure a RESTful API
  • Ability to analyze risks associated with vulnerabilities and recommend appropriate resolutions or risk reduction strategies
  • Must work effectively as a supportive team member within the InfoSec team and act as a security ambassador to the wider organization
  • Proficient in collecting and synthesizing information in a format suitable for audits. Attention to detail is essential for maintaining accurate documentation

SPONSORSHIP NOT AVAILABLE. US CITIZEN OR GREEN CARD HOLDER ONLY.

Powered by JazzHR

pBEhGfin42