Application Security Engineer

We are looking for an experienced and passionate application security engineer to join our cybersecurity team. You will be responsible for providing security solutions to our clients, who are mainly federal government agencies. You will conduct security assessments, code reviews, penetration testing, and vulnerability remediation for their web and mobile applications. You will also collaborate with their developers, QA engineers, and other stakeholders to integrate security best practices into the software development lifecycle.

Responsibilities

• Perform security testing and code reviews of web and mobile applications for our clients, using various tools and techniques.
• Identify and prioritize security risks, vulnerabilities, and threats for our clients, and provide mitigation recommendations.
• Develop and implement security solutions and strategies for our clients, based on their requirements and expectations.
• Provide security training and awareness to our clients and their staff members.
• Research and stay updated on the latest security trends, tools, and technologies.

Qualifications

• Bachelor's degree in computer science, cybersecurity, or related field, or equivalent work experience.
• At least 3 years of experience in application security, web security, or penetration testing.
• Strong knowledge of web and mobile application security concepts, such as OWASP Top 10, SANS Top 25, etc.
• Proficient in using security tools, such as Burp Suite, Nmap, Metasploit, ZAP, etc.
• Familiar with security frameworks and standards, such as NIST, ISO, PCI, etc.
• Experience with programming languages, such as Java, Python, C#, etc.
• Excellent communication, analytical, and problem-solving skills.
• Certifications, such as OSCP, CEH, CISSP, etc., are a plus.