What are the responsibilities and job description for the Application Security Engineer position at InterSec Inc.?
Job Details
Job Title: Application Security Engineer
Location: Hybrid in Reston, VA
Job Overview:
We are seeking an Application Security Engineer to lead application threat modeling, security assessments, and DevSecOps integration. The role involves conducting vulnerability assessments, defining secure coding standards, and ensuring compliance with security frameworks.
Key Responsibilities:
- Act as the SME on application security for development teams.
- Perform threat modeling, security architecture reviews, and penetration testing.
- Integrate security controls into DevSecOps (CI/CD pipelines).
- Define and enforce secure coding standards.
- Conduct static and dynamic code analysis (SAST/DAST).
- Ensure compliance with PCI-DSS, NIST, ISO 27001, GDPR.
- Provide security training and awareness programs.
- Stay updated on emerging threats and vulnerabilities.
Qualifications:
- 5 years of experience in application security or software development.
- Strong knowledge of OWASP Top 10, CWE, CVE, and secure coding practices.
- Proficiency with security tools (Fortify, Checkmarx, Veracode, Burp Suite, OWASP ZAP).
- Experience with AWS, Azure, Google Cloud Platform security.
- Familiarity with Java, .NET, Python, JavaScript secure coding.
- Relevant certifications (CISSP, CSSLP, OSWE, CEH, GWAPT preferred).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
