SalaryUSD TBD TBD
A large enterprise financial company is looking for a Senior Application Security Engineer to join their team. This engineer will need to have a thorough understanding of Web Application Security testing, source code reviewing and penetration testing. This Senior Application Security Engineer will join a fast-growing Application Security team of 10. They will be working closely with the main Software Engineering teams that are re-designing the company's main financial application. This Senior Application Security Engineer should come from a modern environment that practices DevOps.Required Skills & Experience
- Minimum of 5 years of experience in an Application Security role.
- Must have experience working closely with Software Engineers, you will advise on best practices around security, changes, and uses of security implementations.
- Ability to do Penetration Testing with Burp Suite.
- Strong knowledge and understanding of OWASP Top 10.
- Ability to do automation scripting in Bash, PowerShell, Python, Java, etc.
- Familiarity with network protocols such as HTTP, Rest APIs
- Strong knowledge of CI/CD process and tools like Git, Docker, Jenkins, XL Release etc. is required. Working knowledge of software composition analysis.
- Dynamic Application Security Testing (DAST) experience is a plus.
- Experience doing Static Application Security Testing (SAST) with CheckMarx.
- Security experience in an AWS cloud environment.
- Possession of industry standard cybersecurity certifications such as OSCP, CISSP, CEH, GMOB, GWAPT, GPEN and/or other relevant penetration testing related certifications is a plus.
- 100% Security
- 70% Hands On
- 30% Team Collaboration
- DOE 160k base salary
- 10% yearly bonus
- Medical & Dental Insurance
- Health Savings Account (HSA)
- Paid Sick Time Leave
- Pre-tax Commuter Benefit
- Add additional perks specific to the work environment
Senior Application Security Engineer/ Legal