Vacancy expired!
Looking for a Cybersecurity engineer with expertise in Application Security domain, who will be responsible to define consistent Secure Software Development Lifecycle practices for all technology projects throughout the planning and delivery cycles that assure that application security vulnerabilities are mitigate. Very strong application security and web application development experience and team leadership skills are a must. In this position, you are a passionate and talented application security engineer with very deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities and best practices design and threat modeling skills who can work in a dynamic environment. You must be dedicated to able to work with developers in producing secure code in short time frames and be willing to go beyond the standard routine. your primary responsibilities includes:
Work as part of a team of software and security engineers to design/maintain and build best-in-class product security tools and services
Technical point of contact for product teams as it relates to automation, CI/CD, and Product Application Security Operations
Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team
Responsible for security product QA and Testing
Build strong relationships with product development teams
Improve the accessibility of security through automation, continuous integration pipelines, and other means
Understand existing processes and identifying how to improve and streamline them in order to improve team efficiency and effectiveness of Cyber Security team is looking for a Cybersecurity engineer with expertise in Application Security domain, who will be responsible to define consistent Secure Software Development Lifecycle practices for all technology projects throughout the planning and delivery cycles that assure that application security vulnerabilities are mitigate. Very strong application security and web application development experience and team leadership skills are a must. In this position, you are a passionate and talented application security engineer with very deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities and best practices design and threat modeling skills who can work in a dynamic environment. You must be dedicated to able to work with developers in producing secure code in short time frames and be willing to go beyond the standard routine. your primary responsibilities includes:
Work as part of a team of software and security engineers to design/maintain and build best-in-class product security tools and services
Technical point of contact for product teams as it relates to automation, CI/CD, and Product Application Security Operations
Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team
Responsible for security product QA and Testing
Build strong relationships with product development teams
Improve the accessibility of security through automation, continuous integration pipelines, and other means
Understand existing processes and identifying how to improve and streamline them in order to improve team efficiency and effectiveness
Qualifications
BASIC QUALIFICATIONS:
-4 years of work experience with a Bachelor's Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD degree
PREFERRED QUALIFICATIONS:
-5 years of experience with Bachelor's degree or 2-3 years of experience with Master's degree in Computer Science, Mathematics, Physics, or equivalent
You have a Bachelor degree in Computer Science or related field and 2 -4 years of Software Development Experience
2-3 Years of Experience in Web Application Security, SSDLC and Threat Modelling with MS/BS degree in Information System management / Computer Science / Information Security or a related technical discipline, at least 2 years of Software Development experience
Hands on experience with Software Development Java / C# / C, JavaScript and HTML,
MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
Well versed in web application design, penetration testing, application risk assessment and risk categorization
Well versed (experience preferred) with driving and implementing secure development practices in to SDLC (SSDLC); ability to successfully integrate security into a developers world
Success in implementing effective Secure SDLC frameworks across a large corporation.
Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning
Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models.
Deep knowledge and experience in using SAST, DAST and fuzz testing tools
Highly effective communicator; well-honed influencing and negotiating skills
Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or
