Job ID: 3549
Job Title: Application Security Engineer
Location: 100% REMOTE
Job Type: Perm Full-Time
Salary: Highly Competitive
Security Engineer Job Description
Our client is looking for a remote Security Engineer who will play a key role as part of the Infosec team. The successful candidate will have a strong background in the following areas:
- Strong foundational and working knowledge of security best practices and their integration into workflows
- Designing and implementing modern security reference architecture
- Working with Dev/Engineering resources to build foundationally secure applications
Responsibilities Include
- Develop and maintain internal application security tooling.
- Automate security testing and vulnerability management procedures where reasonable.
- Assist in the integration of security into the build/deployment process.
- Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure.
- Provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services.
- Perform vulnerability research, assessment, and management; serve as a technical security/risk advisor on all new technologies used/developed such as AWS, session management, SSO, Database, WAF, and open-source libraries.
- Support the engineering team by suggesting remediation strategies for reported vulnerabilities.
- Assist developers in remediating vulnerabilities by providing line-by-line guidance.
- Provide training and education to developers on software security best practices in various cloud-based systems.
- Utilize dynamic application vulnerability scanning.
- Utilize static application vulnerability scanning.
Minimum Qualifications
- Bachelors Degree in InfoSec, Computer Science, or a related discipline.
- Experience with full-stack web development.
- Working knowledge of SQL.
- Complete, deliver, and maintain compliance documentation for internal and external users.
- Experience developing and working with Web APIs.
- Experience interpreting results from Static Code Scanning tools.
- Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, OKTA, and other SSO technologies.
- Experience with creating and maintaining Threat Models at scale.
- Experience with securing database platforms.
- Experience in remediating security vulnerabilities beyond OWASP Top 10.
- Experience in performing security assessments on cloud-based multi-tenant Software-as-a-Service (SaaS) applications.
- Experience in assessing the security of native and hybrid mobile applications beyond the use of automated tools.
- Functional knowledge of AWS application infrastructure.
Preferred Qualifications
- Experience developing in PHP/Laravel Framework.
- Experience with RDS.
- Experience in at least one scripting language (Python/Ruby/Perl).
- Experience working with SaaS applications, preferably in the EdTech or AI/ML Space.
Benefits
- An amazing team of friendly and inclusive people who pull together and openly help each other.
- Passionate team members who have fun, work productively, and take pride in everything we do.
- Were curious to explore new ideas, find innovative solutions, and were not afraid to learn as we grow.
- We work remotely.
- We recharge with unlimited PTO.
- Our focus is on team member health and well-being we have a Health Day once a month.
- We offer a comprehensive healthcare program.
SherlockTalent loves to share a $500 referral bonus!
U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.
#J-18808-Ljbffr
