Application Security Engineer

December 28, 2024

Apply Now

Receive Emails with Similar Jobs

Easy Dynamics Corp

WebsiteLinkedInAll Job Openings

Cloud Computing • Identity Management • Information Sharing • Application Development • Cybersecurity

51 - 200 employees

Founded 2001

🔒 Cybersecurity

📋 Compliance

Description

• Provide application security expertise, continuous integration, software delivery, software quality, and systems documentation support to the agency’s digital assets, including the Bureau’s public-facing web site, consumerfinance.gov, as well as internal software tools; • Work with the Application Development Team to discuss and implement security remediations for agency’s web products; • Work closely with the agency’s Cyber Security and Systems Engineering teams to support compliance, secure baseline development, CVE remediation, and the use of best practices in an AWS FISMA moderate environment; • Provide support to the agency’s Application Development Team in configuring and operating continuous integration and delivery (CI/CD) pipelines, incorporating security into build process using tools such as PrismaCloud, and identifying and resolving issues in the build-deploy-operation lifecycle; • Use and apply the findings of robust application security monitoring tools, including assisting in the securing and maintenance of the agency’s website at consumerfinance.gov and internal software tools; • Assist in building a strong technical foundation in build, release, and production using continuous integration tools such as Jenkins; • Engage with various agency personnel to understand requirements in order to develop better software for the Bureau and identify new ways in which the development team can easily solve issues; • Assist the agency’s Application Development team with security focus through participation in daily standup meetings, monitoring, development, and creating issues in the ticket system • Provide training on a variety of security methodologies, best-practices, and tools along with insight into new technologies and solutions that could help the Application Team and the agency at large; • Assist in the development of Use Cases, Requirements Definition Documents, User and Administration Manuals, Detailed Design Specifications, and Training Manuals and Plans

Requirements

• U.S. citizenship required • Bachelor’s degree in related field • At least 5 years of demonstrated experience in the following: • Configure, operate, maintain, and monitor various application security tools and services • Experience working with vulnerability scanning tools to identify and resolve security vulnerabilities • Expertise in integrating security testing in automated continuous delivery pipelines (Jenkins/Travis/Ansible) • Experience working with a modern web development stack and toolchain • Experience working with open source and community solutions • Experience in FedRamp IaaS/SaaS • Experience with monitoring software dependencies and automating the creation of an SBOM (software bill of materials) • Collaborate, champion, and mentor software development teams and other stakeholders on secure software development, delivery, and operations