Application Security Engineer

Job Locations: US-FL-Jacksonville
ID: 2021-1751
Category: Information Technology
Type: Full Time

Overview

This position will participate in onboarding and maintaining application vulnerabilities discovered from scanning and manual reviews. In addition, it is responsible for managing incoming work requests, which includes scheduling and conducting meetings with application development teams, communicating the outcome of the meetings to the participants, and following up with multiple teams on outstanding items.

Duties

  • Respond to incoming work requests (ServiceNow tickets) by prioritizing and assigning appropriately
  • Schedule discovery meetings to clarify the incoming requests if necessary
  • Identify next steps to fulfill the requests and follow up on outstanding items
  • Communicate to the appropriate team members outstanding items from meetings and tasks
  • Onboard new applications to dynamic/interactive/static scans
  • Monitor scanning tools for new vulnerabilities and report them as bugs in Azure DevOps
  • Monitor Azure DevOps for resolved vulnerabilities
  • Validate resolved bugs and bring them to closure
  • Review and track false positives
  • Assist developers in resolution and troubleshooting
  • Provide reporting capabilities such as vulnerability status, aging and the heat map
  • Respond to out-of-cycle security review requests
  • Establish and maintain excellent relationships with application development team members
  • Conduct manual security reviews

Requirements

  • Accountable – Takes accountability for the success of the application security assignments. Continually evaluates outstanding items for follow-up and brings tasks to closure. Takes action to mitigate risks and resolve issues.
  • Collaborative – Facilitates interaction, discussion and drives decisions required to meet deliverables.

  • Pragmatic Problem Solver – Demonstrated ability to engage stakeholders and facilitate practical solutions. Looks to resolve, not to blame. Bases recommendations and decisions on facts.

  • Multi-Task Oriented – Proven ability to manage multiple concurrent projects and drive projects to successful completion.

  • Familiarity with addressing web application security issues, such as those outlined in the OWASP Top 10

  • Knowledge of application security throughout the software development life cycle

  • Familiarity with secure coding practices

  • Knowledge and experience in securing an application’s integration with relational database management systems such as MS SQL

  • Ability to ensure applications are secure throughout the software life cycle

  • Ability to perform manual and automated testing to identify vulnerabilities.

  • Excellent communication skills including presentation and documentation

Experience

Experience in HTML, CSS, and JavaScript

Additional Information

  • Strong organizational skills required
  • Strong interpersonal skills required
