Azure Application Security Engineer

6 month contract to hire

McKinney, TX (Hybrid)

We are in search of a highly skilled and experienced Azure Senior Application Security Engineer to join our dynamic and innovative team. In this role, you will play a crucial part in ensuring the security and integrity of our applications, systems, and data. Your responsibilities will include identifying and mitigating security risks, conducting comprehensive security assessments, and providing expert guidance to our development and operations teams. If you are passionate about application security, possess deep technical expertise, and have a proven track record of implementing effective security measures, we want to hear from you.

Responsibilities:

Conduct thorough security assessments of applications, identifying vulnerabilities, and providing detailed remediation guidance.

Perform code reviews and collaborate with development teams to integrate security best practices into the software development lifecycle.

Threat Modeling:

Develop and maintain threat models for applications, identifying potential security threats and vulnerabilities.

Work closely with development teams to address security concerns during the design phase of projects.

Design, implement, and maintain secure architecture solutions for applications and systems.

Stay current with industry trends and emerging technologies to proactively address potential security challenges.

Serve as a subject matter expert in incident response, providing support in the event of a security incident or breach.

Collaborate with cross-functional teams to investigate and remediate security incidents.

Security Training and Awareness:

Develop and deliver security training programs for development and operations teams.

Foster a culture of security awareness and best practices throughout the organization.

Evaluate, implement, and manage security tools and automation processes to enhance the efficiency and effectiveness of security initiatives.

Requirements

5 years of experience in application security.

Azure Cloud experience

Strong understanding of software development principles and practices.

In-depth knowledge of OWASP top 10 and common issues with insecure coding practices.

Experience with secure coding practices, code reviews (SAST / DAST / MAST), and penetration testing.

Familiarity with industry standards and frameworks (OWASP, NIST, etc.).

Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.

Certifications such as GXPN, CISSP, CEH, or CSSLP are a plus.

Professional development experience in enterprise-class frameworks and programming languages.

#appsec #secops #owasp