Sr. Application Security Engineer (Hybrid) Southlake

Stellent IT LLC
Orlando, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Orlando, United States of America

Tech stack

Agile Methodologies
Software System Penetration Testing
Static Program Analysis
Code Review
Computer Security
Distributed Data Store
Key Management
Open Web Application Security
Secure Coding
Software Engineering
Product Software Implementation Methods
Systems Integration
Enterprise Software Applications
Software Security
Data Analytics
Static Application Security Testing
Vulnerability Analysis

Job description

The Application Security team, operating under the Chief Information Security Officer (CISO), protects client information assets to support business objectives and align with corporate policies. As a core function within Cybersecurity Services, the Application Security team leads the establishment and ongoing evolution of the Secure Software Development Program. This includes creating and implementing software security policies and best practices, providing security architecture guidance, conducting software security scanning and penetration testing, and educating developers and testers on secure coding practices.

The Software Security Engineer plays a key role in safeguarding software assets by strengthening the development process, enhancing security controls, and reducing defects and vulnerabilities in production environments.

Well-qualified candidates for this position will demonstrate the following key traits:

Requirements

Must have: Tools, Coding, Code Analysis + Veracode.

Successful candidates will have prior engineering experience within a Software Security Assurance or Application Security team and a proven ability to partner effectively with development teams to balance security requirements with innovation. They will demonstrate strong analytical skills, including the ability to interpret large volumes of distributed data and translate it into clear, actionable insights. Candidates should also have experience working with a range of application security tools, including Software Composition Analysis (SCA), Static Application Security Testing (SAST), and secrets management solutions.

In addition, candidates will bring solid application engineering experience and a strong understanding of common application vulnerabilities, attack vectors, and remediation strategies. They should be familiar with secure software design principles and industry best practices for integrating security into the software development lifecycle. Experience with application security testing tools and their integration into agile development environments is expected.

Candidates should have familiarity with recognized industry frameworks and standards such as OWASP, CIS, and NIST. A minimum of two years of experience working with static analysis or threat modeling tools is expected, along with experience implementing and scaling enterprise application security tools, services, and controls. Finally, candidates must demonstrate a strong understanding of secure coding practices, code review processes, threat modeling, security requirements analysis, and architectural risk assessment.
