What are the responsibilities and job description for the Staff Application Security Engineer position at IDENTIFY SECURITY?
We are seeking a highly skilled Staff Application Security Engineer with a strong background in cloud software service management and application security to join our dynamic team. In this role, you will play a crucial part in ensuring the reliability, scalability, and security of our software systems and digital experiences. You will work closely with the cross-functional teams to protect
Client's
applications, systems, and data. You will focus on automating and improving the security aspects of our code development and deployment practices as well as leading the application security triage and prioritization processes.
Required Experience :
8 Years
Job Locations :
Location Restrictions :
Onsite
Basic Qualifications and Responsibilities :
Design, implement, and maintain infrastructure as code solutions for managing and protecting cloud resources, ensuring scalability, resilience, and security.
Contribute to the security hardening efforts and producing sensible baseline configurations for all key
Client's
systems.
Lead the application security processes including managing the existing security tools in the CI / CD pipelines, reviewing proposed project architectures, initial threat modeling, triage of the identified application security defects and the suggested fixes.
Work closely with the development teams to promote best application security practices.
Work closely with the infrastructure and the DevOps teams to ensure consistent implementation of the security standards including the remediation of the identified gaps in the security posture.
Contribute to the bug bounty triage and remediation processes.
You bring :
Bachelor's degree in computer science, Information Technology, or a related technical area.
8 years proven experience in Appsec (web, api, mobile) or related role.
3 years of experience in cloud environments (AWS preferred).
Proficient in Bash, Powershell, or other scripting languages.
Familiar with the Infrastructure as Code and “desired state” concepts including tools such as Terraform, Salt, Chef, Puppet, etc.
Knowledge of common attack vectors including OWASP Top 10.
Experience in automating build and deployment infrastructure built on Kubernetes, Docker, etc.
Experience in Python programming or other shell scripting language.
Experience with CI / CD tools (e.g., Jenkins, CircleCI) and version control systems (e.g., git).
Excellent problem-solving and communication skills.
Preferred Qualifications :
In-depth knowledge of containerization technologies (Docker), orchestration (Kubernetes), and infrastructure as code (Terraform).
Proficiency in deploying, monitoring, and scaling containerized applications on AWS using EKS, serverless, and ensuring high availability and performance.
Proficiency in application security assessments, penetration testing, red team, purple team.
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Staff Application Security Engineer?
Sign up to receive alerts about other jobs on the Staff Application Security Engineer career path by checking the boxes next to the positions that interest you.
