What are the responsibilities and job description for the Senior Application Security Engineer position at SilverSearch, Inc.?
LOCAL REMOTE role. MUST live in NYC area and able to work onsite in NYC 1-2 times per quarter.
Our software client based in the NYC area has an immediate need for an Application Security Engineer to join their security team to proactively identify and resolve security risks, issues and incidents. The successful engineer with proactively assesses information risk and facilitate remediation of identified vulnerabilities within the client’s network, systems and applications.
LOCAL REMOTE role. MUST live in NYC area and able to work onsite in NYC 1-2 times per quarter.
RESPONSIBILITIES :
Proactively identify and resolve security risks, issues and incidents.
Evaluate and assess information risk, as well as remediation of identified vulnerabilities with the ecosystem.
Report on findings and recommendations for corrective action.
Perform assigned vulnerability assessments utilizing enterprise security tools and methodologies.
Perform assessments of IT security / risk posture within the IT network, systems and software applications.
Drive security mitigation efforts through identification of opportunities to reduce risk and document remediation options regarding risk scenarios.
Facilitate and monitor performance of risk remediation tasks.
Design security solutions to address security vulnerabilities and weaknesses.
Continuously update the monitoring environment and tools in order to provide the correct level of insight into the environment.
Technical point of contact for product teams as it relates to automation, CI / CD, and Product Application Security Operations.
Build tools and automation scripts that enable developers to easily consume security services delivered by Security Engineering and Automation team.
REQUIRED EXPERIENCE :
7 years of experience in application security roles with increasing responsibility.
5 years or experience in an enterprise technology environment, with responsibilities across a operations, networking, systems and infrastructure architecture, or other as applicable technical areas.
3 years of experience in a Security Operations Center or Continuous Monitoring role
3 years of experience in Web Application Security, SSDLC and Threat Modelling.
Prior hands on experience with Software Development Java / C# / C .
Experience with a variety of Continuous Monitoring, and vulnerability scanning tools
Must have hands on infrastructure security skills including IDS / IPS, firewall, SIEM, server and OS hardening, malware detection, physical security, transport and at-rest encryption on file systems, DB, and other data persistence mechanisms.
Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning.
DEEP understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies.
Excellent written and verbal communication skills, including the ability to effectively communicate security and risk related concepts all audiences.
Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
Strong preference for CISSP, ISC2, SANS, ISACA, or other recognized security professional credentialing organizations.
Bachelor's degree in information systems, engineering or equivalent work experience, preferably Information System management / Computer Science / Information Security or a related technical discipline.
MUST live in NYC area and able to work onsite in NYC 1-2 times per quarter.
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Senior Application Security Engineer?
Sign up to receive alerts about other jobs on the Senior Application Security Engineer career path by checking the boxes next to the positions that interest you.
