Vacancy expired!
Our client, a leading media and entertainment company is hiring an Application Security Engineer on a contract basis.
Work Location: RemoteSummary: The candidate will champion Application Security efforts within the organization with a focus on identifying and remediating vulnerabilities using automation where possible. The successful candidate will assist in developing a set of engineering security standards for the organization that drives security awareness and collaboration to enable secure engineering practices & resiliency into all applications/systems. Required Skills:- 5+ years of relevant experience in Information Security Engineer roles
- Experience identifying and helping to resolve common application security flaws (e.g. OWASP, SANS)
- Subject matter expertise on secure design & coding practices
- Experience working with AWS or other cloud environments
- An understanding of network and related protocols (TCP/IP, HTTP, VPNs, etc) and ability to use inspection tools (Burp, Wireshark, etc)
- Understanding of Vulnerability Management, risk determination, and other general security testing principles with the ability to provide specific recommendations on how to fix vulnerabilities
- Experience analyzing complex systems to perform Threat Models
- Coding experience: ability to code against vendor APIs, manage code using git, work with ticket tracking systems, etc.
- Familiarity with industry regulations, such as PCI, GDPR, LGPD, and CCPA
- Contributions to Open Source Software
- Various security certifications from SANS, ISACA, ISC2, etc
- Coding experience in TypeScript and NodeJS
- Experience with IAST, RASP, DAST, SAST
- Security modeling structures: STRIDE, DREAD, CVSS, OCTAVE, MIL-STD-882E, etc
- Experience with Infrastructure-as-Code (CloudFormation, Terraform, Ansible, etc) and Security-as-Code
- Collaborate with other engineers in security code reviews to identify and fix issues in our applications and infrastructure
- Develop and code tooling to automate manual security processes
- Lead security-related projects from inception to successful completion
- Perform hands-on internal assessments on our platform and infrastructure
- Conduct regular security and risk assessments of clients applications, infrastructure, and security controls.
- Interface with other teams and take a leadership role in driving customer security and privacy initiatives.
- Apply Now
Vacancy expired!