What are the responsibilities and job description for the Application Cybersecurity Engineer position at Talteam?
Job Responsibilities:
- Analyzing, validating, communicating, and consulting on security defects identified by automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc.
- In other words, our security engineers are partners to software engineers who require accurate information on why a vulnerability exists and what they can do about it.
- Enabling and monitoring automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established processes.
- Collecting and communicating required scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process.
- Consulting with software engineers on practices that will improve their application's security maturity according to scorecards and maturity models established by Cat Digital.
- Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects across Cat Digital avoid similar mistakes in their applications.
Required Technical Skills and Qualifications:
- 5 years of experience as a software engineer (in any language or framework) or software engineering manager
- 5 years of experience as a software development-focused cybersecurity professional
- 5 years of experience working on a major cloud platform (AWS, Azure, GCP, or Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect
- Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc.
- Experience leveraging one or more of the following resources to support secure coding and decision-making: OWASP Top 10, MITRE Common Weakness Enumeration (CWE) Top 25, OWASP Application Security Verification Standard (ASVS), and other industry-standard best practice guides or frameworks
- Experience building or supporting web applications and APIs including Single Page Applications (SPA) and RESTful APIs
- Proficiency in one or more programming languages
- Background in problem identification, root cause analysis, and process improvement
- Excellent writing abilities and experience writing technical analyses and reports for consumption by software engineers, architects, and managers
- Experience as a software or security engineer as a Fortune 500 company employee or contractor
- Experience as a software or security engineer on eCommerce, device telematics, data analytics, or mobile applications
Required Soft Skills:
- Decision-Making Ability
- Strong Communication
- Active Participation
Disqualifiers/Red Flags:
- Choppy tenure / consistent job hopping.
Education & Experience Required:
- Minimum of 5 years' experience in cloud architecture.
- Bachelor's degree (or equivalent) in Computer Science, Software Engineering, Cybersecurity, Electrical Engineering, or a related discipline.
Required Certification:
- Professional certifications in either cybersecurity or software engineering, such as Associate or Professional-level certifications from a major cloud provider (AWS, Azure, GCP, or Salesforce), CompTIA Security+, Cloud+, etc. or ISC2
- Certified Software Lifecycle Professional (CSLP)
**Talteam Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.**
Salary: $61 - $81