GuidePoint SecurityRemote
Application Security Engineer - North Central region (Remote in the U.S.)
United States of America
Full Time
2 weeks ago
No H1B
Key skills
JavaScriptPythonJavaC#C++CPHPGitHubSDLCCI/CDCommunicationCheckmarx
About this role
GuidePoint Security is a rapidly growing cybersecurity firm that provides trusted expertise and solutions to organizations. They are seeking an Application Security Engineer responsible for running security tools, collaborating with development teams to address vulnerabilities, and ensuring security throughout the software development lifecycle.
Responsibilities:
- Run client SAST/DAST/SCA tools, review outputs and provide recommendations
- Work with development teams to identify and remediate security vulnerabilities
- Provide security guidance during the software development lifecycle (SDLC)
- Identify, track, and prioritize security vulnerabilities
- Validate fixes and conduct retesting
- Implement and maintain application security tools and scanning solutions
- Create reports for technical and non-technical stakeholders
Requirements:
- 2-3 years experience working in Application Security
- Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. GitHub, etc.)
- Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
- Deep knowledge of manual testing tools such as Burp Suite Pro
- Knowledge of and experience with SAST/DAST/SCA Application Security tools
- Experience with the integration of tools into development pipelines
- Understanding of a broad range of Application Security issues as well as their mitigation strategies
- Understanding of Application Security related vulnerabilities
- Written communication skills for written interactions with clients
- Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information
- Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice
- Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred
- Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus
- Bachelor's degree in Computer Science or Information Security preferred
- Standard industry certifications are preferred