Application Security Expert Jobs

Knowledge of vulnerability management programs

Identify and manage vulnerabilities using a variety of toolsets

An understanding of implementing risk management practices

Understanding of secure coding standards, OWASP Top Ten , Web Application Firewalls and Certificate management

Manage technical controls to ensure that the organization is protected in accordance with its risk appetite

3 years' experience in application development

Participate in vulnerability management operations, such as: retesting and reprioritizing vulnerabilities, reviewing code changes, approving proposed remediations, etc.

Contribute technical and procedural documentation towards the organization’s knowledge base.

Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts.

Demonstrated knowledge of security best practices, principles, and common frameworks, such as: OWASP, NIST, ISO, SOC, etc.

Prior experience in implementing and integrating tools for static analysis, dynamic analysis, fuzzing, bug bounty, etc.

Relevant industry certifications, such as: OSCP, OSWE, GPEN, GWAPT, etc.

Drive initiatives which scale application security and holistically address multiple vulnerabilities

Remote Opportunity: Ability to work 100% remotely, or from an Applied Systems office

Your experience should include some or all of the following:

All requirements of Senior Engineer, Application Security, plus;

Expert understanding and experience with common security libraries, security controls, and common security flaws.

Advanced knowledge of public cloud provider infrastructure. Google Cloud Platform is preferred.

Knowledge of Vault capabilities and Security Incident and Event management systems

Proficient in security management with specific experience

Experience enabling and actively guiding others on Application security including Static Analysis (SAST), Dynamic Analysis (DAST), OSS (Open-source vulnerabilities), Pen testing.

Providing honesty, integrity, professionalism and empathy as a people manager

Ability to manage program timelines and actively develop medium to long terms plans

Experience with Threat modeling, secure development lifecycle and secure testing methodologies

D2. The proposed resource should have SAP Identity and Access Management

D3. The proposed resource should have Azure Active Directory Identity and access management operations

For this requisition, the resource will work 100% remotely.

• Provides evidence (sometimes to an unbelieving audience) that vulnerabilities can be exploitable.

• Application vulnerability scanning to identify potential vulnerabilities in web and application services.

M1. The proposed resource must have demonstrated experience with SAP GRC (governance, risk, and compliance)

Implement business-driven IT solutions to meet security requirements related to function, protection, assurance, risk management and compliance.

Strong knowledge of Azure Active Directory and Okta, including MFA and SSO capabilities.

Strong analytical and problem-solving skills. Relevant certifications such as Azure Active Directory, Okta Certified Administrator, or similar certifications are a plus.

Minimum of 3 years of experience in supporting and implementing Security & Resiliency solutions.

Experience with Microsoft Azure, Office 365, and other cloud-based services.

Excellent communication skills and the ability to work collaboratively with other IT teams.

D2. The proposed resource should have SAP Identity and Access Management

D3. The proposed resource should have Azure Active Directory Identity and access management operations

For this requisition, the resource will work 100% remotely.

• Provides evidence (sometimes to an unbelieving audience) that vulnerabilities can be exploitable.

• Application vulnerability scanning to identify potential vulnerabilities in web and application services.

M1. The proposed resource must have demonstrated experience with SAP GRC (governance, risk, and compliance)

Strong communication skills with the ability to translate technical security requirements and risks into terms that anyone can understand

2+ years of experience in design review and/or threat modeling

Experience in Cloud Security and Network Security

Prior experience in software development with an emphasis on security

Familiarity with programming languages and knowledge of data structures and algorithms

Experience in at least one of: Java, Go, Ruby or Python

Experience of software security controls and methodology

Experience in one or more of; various .NET (C#, ASP, ‘net core) SQL, React

Able to work in dynamic and fast-paced environment

Comfortable with collaboration, open communication and reaching across functional borders with a strong focus on business outcomes

Exposure to deployment tools such as Jenkins and Team City

Our ideal candidate will have

Evaluate third-party code and/or libraries against known vulnerabilities.

Implement and manage security testing tools (SAST/DAST) to continuously monitor the security posture of the applications.

Strong development experience with both front-end and back-end technologies.

Experience securing container and microservices technologies (Kubernetes).

Experience with cloud platforms such as Google Cloud Platform (GCP) and Amazon Web Services (AWS).

Experience with the ELK (Elasticsearch, Logstash, and Kibana) stack.

Education background in Information Security, Computer Science, Information Management Systems, or equivalent.

Hands-on experience with vulnerability management and penetration testing tools:

4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred

Two years of hands-on experience in Information Security Auditing.

Strong written and oral communication skills

Some relevant certifications, such as CASE, ASVS, CISSP.

Education background in Information Security, Computer Science, Information Management Systems, or equivalent.

Hands-on experience with vulnerability management and penetration testing tools:

4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred

Two years of hands-on experience in Information Security Auditing.

Strong written and oral communication skills

Some relevant certifications, such as CASE, ASVS, CISSP.

Education background in Information Security, Computer Science, Information Management Systems, or equivalent.

Hands-on experience with vulnerability management and penetration testing tools:

4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred

Two years of hands-on experience in Information Security Auditing.

Strong written and oral communication skills

Some relevant certifications, such as CASE, ASVS, CISSP.

Education background in Information Security, Computer Science, Information Management Systems, or equivalent.

Hands-on experience with vulnerability management and penetration testing tools:

4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred

Two years of hands-on experience in Information Security Auditing.

Strong written and oral communication skills

Some relevant certifications, such as CASE, ASVS, CISSP.

Understanding to p roven experience implementing DevSecOps and performing configuration management and checks

Experienced with c onsulting and a dvisory discussions with Clients

Knowledge and ability to design and implement technology solutions

Exceptional development and training with a minimum 80 hours/year of training and paid certifications

Avanade University – real-time access to technical and skilled resources globally

Full benefits package including medical coverage, income protection policy, extended benefits, bonus program, generous retirement plan, and much more!