Application Security • Cloud Security • Data Security & Privacy • DLP • GRC
201 - 500
4 days ago
• GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk.
• This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions).
• Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, etc.
• Understanding of Continuous Integration / Continuous Delivery (CI/CD) pipeline tools and processes (e.g. GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, etc.).
• Experience in software engineering, ideally full stack software development, including modern technologies and application architectures.
• Strong scripting and automation experience using one or more programming languages.
• Solid working knowledge of application security fundamentals including the OWASP Top 10, threat modeling, and implementing secure coding practices throughout the Software Development Lifecycle (SDLC).
• Excellent written and verbal communication skills.
• Experience writing or adapting custom SAST rules (Semgrep or CodeQL).
• Familiarity with additional Application Security tools (e.g. Interactive (IAST), Dynamic (DAST) and API security, SCA, etc.).
• Familiarity with API Security tools (e.g., NoName, Traceable, Salt, Cequence).
• Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite.
• Strong working knowledge of Secure Development Lifecycles and experience triaging and remediating technical vulnerabilities identified by web application scanning tools.
• Understanding of automated security testing approaches and tools.
• Experience in building and operating security tools within CI/CD pipelines.
• Experience with proactive integration of security into the development process.
• Past experience as an application security practitioner or software engineer.
• 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions.
• 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions.
• 12 corporate holidays and a Flexible Time Off (FTO) program.
• Healthy mobile phone and home internet allowance.
• Eligibility for retirement plan after 2 months at open enrollment.
• Pet Benefit Option.
4 days ago
1001 - 5000
Advanced analysis of cyber threats for Novartis Cyber Center.
🇺🇸 United States – Remote
💵 $151.2k - $226.8k / year
💰 Debt Financing on 2005-12
⏰ Full Time
🟡 Mid-level
🟠 Senior
👮♂️ Security Engineer
4 days ago
501 - 1000
Provide security consulting for a global IT solutions provider.
🇺🇸 United States – Remote
💰 Private Equity Round on 2021-01
⏰ Full Time
🟡 Mid-level
🟠 Senior
👮♂️ Security Engineer
5 days ago
10,000+
Lead cybersecurity initiatives for Marmon Holdings as IT Security Architect.
5 days ago
51 - 200
Security Engineer reviewing blockchain vulnerabilities at Trail of Bits, a security firm.