Lead Application Security Engineer

November 6

Apply Now

Receive Emails with Similar Jobs

Stride, Inc.

WebsiteLinkedInAll Job Openings

education • curriculum development • virtual school • online education • online school

5001 - 10000

Description

• As an Application Security Engineer, ensure applications are secure and trustworthy. • Collaborate with developers and stakeholders to identify and mitigate security risks. • Conduct security testing, including code reviews and vulnerability assessments. • Analyze application source code for security flaws and compliance with best practices. • Develop and maintain security tools, scripts, and automation for testing processes. • Attend project meetings as a security consultant for application configurations. • Manage security assessment remediation efforts. • Document and enforce security improvements balancing risk and business operations. • Collaborate with incident response teams on security breaches and incidents.

Requirements

• Bachelor’s degree in Computer Science, Information Assurance, or a related field and 5+ years of experience in application security or software development with a focus on security OR Equivalent combination of education and experience. • One or more including CISSP, CEH, OSCP, or CSSLP, AWS Certified Security - Specialty, Certified Application Security Engineer (CASE). • Strong knowledge of application security principles, secure coding practices, and common security vulnerabilities (e.g., OWASP Top 10). • Experience with security testing tools, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) tools. • Proficiency in secure coding practices and familiarity with common vulnerabilities (e.g., OWASP Top 10, CVEs). • Strong understanding of application layer security concepts, including authentication, authorization, encryption, and API security. • Experience with integrating security tools into CI/CD pipelines. • Excellent communication and collaboration skills to work effectively with cross-functional teams. • Experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA). • Additionally, experience in one or more of the following: ISO 27001/2, ITIL or NIST. • Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines. • Strong analytical and problem-solving skills, with the ability to assess risks and provide mitigation strategies. • Familiarity with agile development processes and cloud-native application security. • Hands-on experience with threat modeling, penetration testing, and vulnerability management. • Ability to travel 2% of the time. • Ability to clear required background check.

Benefits

• Eligible employees may receive a bonus. • Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.