
Application Security Engineer

Salary undisclosed

Description

We are seeking an experienced Application Security Engineer to safeguard our software applications and ensure the security of all stages of the development process. The successful candidate will collaborate with development teams to implement security best practices, identify vulnerabilities, and work on secure coding standards. This role requires a strong understanding of application security tools, methodologies, and compliance frameworks.

Requirements

Security Integration in SDLC: Work with development teams to integrate security throughout the Software Development Lifecycle (SDLC), including design, coding, testing, and deployment.

Threat Modeling & Risk Assessment: Conduct threat modeling exercises, perform risk assessments, and recommend appropriate countermeasures.

Code Reviews: Conduct secure code reviews manually and using automated tools to identify and remediate security vulnerabilities.

Vulnerability Management: Identify, prioritize, and address vulnerabilities using tools such as static and dynamic application security testing (SAST/DAST), fuzzing, and penetration testing.

Security Testing: Implement security testing frameworks, including unit tests, integration tests, and penetration testing during development.

Security Awareness & Training: Provide security training and awareness sessions to developers and product teams, focusing on secure coding practices.

Incident Response: Assist in security incident investigations, analyze root causes, and implement preventive measures for application-level security incidents.

Policy & Compliance: Ensure that application development adheres to relevant security standards, policies, and industry best practices (e.g., OWASP Top 10, NIST, PCI-DSS).

Collaboration: Work closely with other security teams, DevOps engineers, and IT teams to implement and monitor security measures.

Tool Implementation: Evaluate, deploy, and maintain application security tools and technologies such as WAF (Web Application Firewall), SAST, DAST, and security scanners.

Automation: Develop and integrate automated security checks into CI/CD pipelines to ensure continuous application security.

Security Architecture: Collaborate with architects and system designers to propose secure application designs and architectures.

Technology Doesn't Change the World, People Do.

Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

2024 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.