SysLogic, Inc. is looking for a talented and experienced Security Engineer (Software Focus) to join our team. As a Security Engineer, you will be responsible for identifying and mitigating potential security vulnerabilities for our managed services clients while collaborating with development teams to ensure application security.
Responsibilities:
- Conduct regular security assessments and penetration testing of software applications and products
- Identify and prioritize potential security vulnerabilities and develop plans for remediation
- Collaborate with development team to implement secure coding practices and ensure security best practices are followed
- Stay up to date with the latest security vulnerabilities, trends, and best practices
- Participate in security architecture design and application design reviews
- Provide training and mentorship to Developers on coding practices to remediate identified vulnerabilities
- Be an informed Security partner by presenting past experience working as a hands-on software developer. Ideally utilizing the Microsoft Development stack
- Actively participate in the deep review of pen test and vulnerability assessments both in person with clients and remotely
- As needed provide training on secured development principals in both remote and in person settings
Requirements:
- Bachelor's degree in computer science, related field or equivalent experience
- 5+ years of experience in application security or related role
- Strong knowledge of web application security vulnerabilities and best practices
- Direct knowledge of pen testing processes and tools, with responsibility for remediating vulnerabilities. (Such as Qualys, BurpSuite, Snyk, SCA)
- Experience with security assessment tools and techniques
- A minimum of two years working as a Full Lifecycle Developer creating enterprise-based applications, preferably using the Microsoft Development stack (.NET, .NET Core, Azure)
- Knowledge of secure coding practices and familiarity with common programming languages (e.g., C#, Java, C++, Python)
- Familiarity with security frameworks and standards (e.g. OWASP, NIST)
- Excellent problem-solving and analytical skills
- Strong oral and written communication and collaboration skills
- Ability to travel 4-6 times per year with no more than 20 days away from home in a calendar year
- Experience working with embedded systems or device controls is a plus
- Certifications a plus, such as: Certified Ethical Hacker, Certified Information Security System Professional, Certified Cloud Security Professional