What are the responsibilities and job description for the Senior Application Security Engineer - Hybrid position at OCTANE?

Senior Application Security Engineer - HybridIrving, Texas, United States

New York, New York, United States

Octane offers instant financing to fuel your lifestyle. Get instant finance offers with no impact to your credit.

Octane is revolutionizing recreational purchases by delivering a seamless, end-to-end digital buying experience. We connect people with their passions by combining cutting-edge technology and innovative risk strategies to make lifestyle purchases - like powersports vehicles, RVs, and OPE - fast, easy, and accessible.

Octane is seeking an experienced Application Security Engineer to lead and enhance our application security initiatives. This role will focus on integrating robust security measures into the software development lifecycle, conducting security assessments, and guiding development teams in identifying and mitigating application security risks. You will play a critical role in securing our applications, microservices, and infrastructure, while also fostering a security-first mindset across teams. This is a hybrid role based in our Dallas / Irving, Texas or NYC office.

Responsibilities :

Review, design and integrate security into the Software Development Lifecycle processes

Perform manual and automated security assessments against Octane applications, microservices, and application components

Perform threat modeling and risk assessments on existing and proposed projects

Analyze existing processes and technologies used by development, data and product teams and embed security practices

Partner with development and QA teams to ensure application security risks are identified and mitigated using appropriate security controls

Test applications for security vulnerabilities using SAST / DAST / SCA solutions

Provide pragmatic recommendations to remediate security concerns in the code and misconfigurations

Triage and prioritize security incidents as needed as part of the incident response processes

Own application security education and training across development, data and QA teams

Requirements :

Master’s / Bachelor’s degree in Cybersecurity / Engineering preferred or significant relevant equivalent experience

5 years of experience in Information Security, preferably application security and incident response experience

GIAC Certified Web Application Penetration Tester (GWAPT) and / or GIAC Certified Web Application Defender is preferred

Familiar with processes such as threat intelligence, threat hunting, incident response and other threat & vulnerability processes

Strong knowledge and understanding of application development frameworks and processes (prefer past experience as a full-stack developer)

Experience in identifying application security vulnerabilities and addressing them in modern application technology stacks

Experience developing automations using languages such as Python

Hands-on experience in configuring CI / CD solutions to utilize security solutions with the aim to mature towards a well-implemented DevSecOps

Expert knowledge of OWASP and OWASP API Top threats and remediations (should be able to recognize and mitigate security issues with manual code review)

Familiarity with common libraries and frameworks used for mitigating common application-level threats

Knowledge of defense-in-depth architecture as it relates to cloud and application security

Compensation :

The role described above offers a base salary of $125,000 to $165,000. Your offer will be based on the alignment of your qualifications with the requirements of the job, location, and internal equity. In addition to the above-mentioned salary, Total Rewards include a stock option package, and benefits as outlined below.

Robust Health Care Plans (Medical, Dental & Vision)

Up to 5 weeks time off (self-managed)

Retirement Plan (401k) with company match!

Educational Assistance / Tuition Reimbursement up to $3K / year

Life Insurance (Basic, Voluntary & AD&D)

Short Term / Long Term Disability

Robust Ancillary benefits including accident insurance, hospital insurance, etc.

Wellhub (Gympass) Wellness Benefit

Powersports Safety Benefit

Disclaimer : The above statements are intended to describe the general nature and level of work being performed by associates assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Octane Lending is an equal opportunity employer committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other protected status with respect to recruitment, hiring, promotion and other terms and conditions of employment.

Considering making an application for this job Check all the details in this job description, and then click on Apply.

J-18808-Ljbffr

Remote working / work at home options are available for this role.

Salary : $125,000 - $165,000

Apply for this job

Receive alerts for other Senior Application Security Engineer - Hybrid job openings

Senior Application Security Engineer - Hybrid

What are the responsibilities and job description for the Senior Application Security Engineer - Hybrid position at OCTANE?

What is the career path for a Senior Application Security Engineer - Hybrid?

Job openings at OCTANE

Not the job you're looking for? Here are some other Senior Application Security Engineer - Hybrid jobs in the New York, NY area that may be a better fit.

We don't have any other Senior Application Security Engineer - Hybrid jobs in the New York, NY area right now.

AI Assistant is available now!