What are the responsibilities and job description for the Application Security Engineer position at w3r Consulting?
Static and Dynamic Code Analysis :
Performs integration of static and dynamic code scan output into CI / CD pipeline.
Reviews of code analysis output and translation into findings.
Utilizes the finding management software and tracking remediations with the development teams.
Performs development and application team education resolution training.
Performs emerging threat and threat landscape research.
Provides forensic cyber event analysis.
Identifies means to reduce cyber-attack effectiveness.
Looks for continuous improvement of detections for operationalization.
Threat Modeling and Emerging Vulnerability Detection :
Leads threat modeling workshops to draw out vulnerabilities.
Champions industry standard Threat Modeling framework (such as STRIDE).
Updates detection tools as new vulnerabilities emerge.
Stays aware of new vulnerabilities to articulate their inner workings against client's environment.
Company Expert Application Security Consulting :
Works closely with partners in Cyber and Technology to solve security problems.
Serves as the escalation point for cyber incidents, events, and application vulnerability research.
Identifies and provides guidance to mitigate threat vectors unique to the shared cyber attack surface.
Proactively communicates with application development teams to illustrate vulnerabilities and solutions.
Planning and Organizing :
Identifies & evaluates projects, products, and solutions to enhance threat detection and other capabilities.
Provides expert guidance on highly complex, large projects to incorporate cyber and fraud detection capabilities and considerations.
Participates in industry working and information sharing groups.
Administration :
Keeps management informed of status of threats, the threat landscape, and current incidents and events through appropriate reporting.
Actively participates on committees representing Cybersecurity.
Keeps abreast of leading-edge technologies in the application security space.
Other duties as assigned.
Qualifications
Position Qualifications :
Bachelor's Degree from an accredited university in Computer Science, Mathematics, Information Technology, Big Data, Cyber Security or equivalent through a combination of education and / or technology experience or 12 years of technology experience
8 years progressive cyber security technology experience
5 years of experience in application security engineering
2 years Dynamic / Static application security review
2 years web application development / object-oriented programming
2 years working with attack vectors in OWASP top 10
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Application Security Engineer?
Sign up to receive alerts about other jobs on the Application Security Engineer career path by checking the boxes next to the positions that interest you.
