Senior Information Security Applications Engineer

September 25

Apply Now

Receive Emails with Similar Jobs

Talentus

WebsiteLinkedInAll Job Openings

11 - 50

Description

• Interact with the Engineering team on secure SDLC activities: . Manage and mature the application security program through direct interactions. . Work with architects and engineers to review and design security requirements. . Interact with sprint teams on security-related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness. . Determine and report on secure SDLC metrics. • Participate in security operations activities: . Review patch and vulnerability notifications as issued. . Conduct vulnerability discovery, validation, and remediation tracking. . Collaborate with IT teams to design remediations and shepherd them through to completion. . Monitor and review indicators of compromise from various systems. • Contribute to the design, planning, and implementation of security-related projects. • Write, review, and update security documentation and respond to audit requests.

Requirements

• Five years of experience in software development, engineering, or architecture. • Substantial professional experience focused on security. • Deep understanding of web application architecture design, software development, and related security concepts, including secure coding patterns, OWASP, data flows, authentication, and data protection. • Exceptional communication and collaboration skills. • Ability to shape and support secure practices carried out by others. • Experience with threat modeling methodologies, ideally STRIDE. • Ability to integrate security principles and techniques such as IAM, penetration testing, defense in depth, and change management into development processes. • Proficiency in several coding languages and the ability to quickly learn and apply security concepts to new languages. • Experience with relational database design and SQL query language. • Solid organizational skills and ability to prioritize tasks. • Ability to thrive in a fast-paced, constantly changing environment. • High level of integrity, trustworthiness, and ethics. • At least one security-focused certification related to skillset and experience. • Technical experience with Windows and Linux operating system security configuration. • Understanding of network architecture, including cloud-related security concepts, concerns, and technologies. • Experience implementing governance models such as NIST CSF or ISO 27001. • Experience with Agile project management techniques. • Financial industry experience. • Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC.

Benefits

• Contractor model. • 100% remote. • Salary in USD. • Paid vacations. • Day off for birthdays. • Benefits for courses and/or certifications. • Work on leading projects for our US customers, and not on the bench.