Job Title: - Application Security Engineers (L2/3)
Experience Level: Mid-Senior (5+ years)
About the Role: We are looking for skilled Application Security Engineers to join our team on the first and second shifts. The primary responsibility will be to utilize Veracode for comprehensive code reviews during application releases and ongoing custom code development. This role requires robust knowledge of application security practices and hands-on experience with the Veracode platform.
Responsibilities:
- Code Review and Analysis:
- Perform thorough code reviews and security testing using Veracode for both application releases and during the development phases of custom code.
- Identify, assess, and mitigate vulnerabilities in software applications.
- Ensure compliance with security standards and best practices throughout the development lifecycle.
- Security Testing:
- Implement and manage static, dynamic, and manual testing techniques to identify security vulnerabilities.
- Collaborate with development teams to understand code changes and their impact on security posture.
- Provide guidance and support for integrating security tools within the development process.
- Collaboration and Advising:
- Work closely with development teams to remediate vulnerabilities and improve security during the coding phase.
- Participate in the development of automated security testing strategies to enhance early detection of issues.
- Educate developers on secure coding practices and the importance of security in the development lifecycle.
- Reporting and Documentation:
- Document findings from security assessments and code reviews.
- Develop and maintain security metrics to track vulnerability management and remediation efforts.
- Report on current threats, vulnerabilities, and the status of remediation activities to senior management.
- Continuous Improvement:
- Stay updated with the latest security trends, tools, and testing techniques.
- Recommend improvements to security practices and processes to enhance the overall security of applications.
- Regularly review and update security policies and practices in line with industry standards and compliance requirements.
Qualifications:
- A minimum of 5 years of experience in application security, specifically using Veracode for code reviews.
- Demonstrated expertise in static and dynamic analysis, and manual penetration testing.
- Strong understanding of secure coding practices and the software development lifecycle.
- Proven ability to work collaboratively with multi-disciplinary teams.
- Excellent problem-solving skills and the ability to work under pressure.
- Proficient in documenting and explaining complex security issues to non-technical stakeholders.
Shift 2-3pm-11pm CST
6 months contract
