What are the responsibilities and job description for the Application Security Engineer position at TekWissen LLC?
Overview :
TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan that offers strategic talent solutions to our clients worldwide. Our client is an American multinational information technology services and consulting company and is a leading provider of information technology consulting and business process outsourcing services dedicated to helping the world's leading companies build stronger businesses.
Job Title : Application Security Engineer
Work Location : Norfolk, VA
Job Type : Contract
Work Type : Remote
Duration : 6 Months
Job Summary :
The contracted Application Security Engineer will be responsible for designing and implementing security solutions for specific applications and systems.
This role demands close collaboration with software developers to ensure applications are secure and compliant with relevant security standards.
Responsibilities :
Secure Configuration Management : Employ secure configuration management processes.
Consistency with Cybersecurity Guidelines : Ensure that acquired or developed system(s) and architecture(s) are consistent with the organization's cybersecurity architecture guidelines.
Business Function Prioritization : Identify and prioritize critical business functions in collaboration with organizational stakeholders.
Security Reviews and Risk Management : Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
Impact Analysis : Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Security Evaluation : Evaluate security architectures and designs to determine the adequacy of security design and architecture.
Security Control Documentation : Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
Define Security Patterns : Create security patterns providing frameworks or templates for addressing recurring cybersecurity issues.
Collaboration with Developers and Operations : Work closely with both developers and operations teams to ensure the deployment of secure solutions.
Stay Updated with Security Trends : Remain current with new security vulnerabilities, threats, and industry developments to ensure that security solutions and protocols are up to date.
Training and Development : Train other team members and developers on current security practices and potential threats.
Infrastructure Security Design : Collaborate with the infrastructure architect to design a secure environment.
Okta Integration : Assess and ensure the secure integration and configuration of Okta for identity and access management within the organization's applications.
Illumio Segmentation : Analyze and define security boundaries using Illumio for network segmentation to protect sensitive data and reduce attack surfaces.
Code Review : Conduct thorough reviews of application code to identify and remediate security vulnerabilities, ensuring the codebase adheres to best security practices.
Incorporate Security Patterns : Ensure that established security patterns and protocols are effectively incorporated into the application development process to maintain robust security standards.
Secure Coding Practices : Implement best practices for secure coding and advise development teams on mitigating security issues in their code.
Skillset Required :
An exceptional Application Security Engineer candidate should possess the following skills :
Proficiency in several programming languages (Java, C, Python, .NET, etc.)
Understanding of Secure Software Development Life Cycle (SDLC)
Deep knowledge of security architectures, protocols, and standards
Skill in risk identification and application threat modeling
Experience using security tools for code reviews and application vulnerability scanning
Proficiency in encryption methods and standards
Ability to design, test, and implement secure applications
Broad knowledge of system infrastructure, software, and hardware
Relevant certifications like CISSP, CSSLP, or CISM
Excellent communication skills to simplify complex security concepts
Experience integrating systems with APIs and interacting with SaaS solutions
Experience with Cloud services from AWS, Azure, Google
Experience with SSO integrations and modern authentication methods
Knowledge of data security methods, tokenization, encryption, and secure communications
Top Qualifications : SAST, DAST, OSS
Secure Coding, OWASP Top 10
Tools like Checkmarx, Fortify, Coverity, GitLab, etc.
Experience : 8 to 10 years
Required Skills : OWASP ZAP
Sec Practices, OWASP Top 10
HCL AppScan
TekWissen Group is an equal opportunity employer supporting workforce diversity.