Security Engineer

• Responsible for the build, integration, and operation of security architecture components.
• Identifying security tools, secure configurations, and processes in order to support security standards and compliance requirements.
• Have the technical depth to be hands on to remediate security vulnerabilities and/or develop technical solutions to security compliance areas.
• Work closely with the infrastructure architecture, development architecture, technical operations, and development teams to ensure changes are well designed and coordinated across the enterprise.
• Explains and demonstrates vulnerabilities to application owners, and provide recommendations for mitigation.
• Conducts and coordinates vulnerability assessments of software application under development.
• Identifies additional application security related tools, conducts tool analysis, and provided recommendations.
• Trains developers and other relevant team members on Secure Code Development as well as other security protocols as needed., Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms., * Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.

• 5-10 years of experience as an Application Security Developer, Application Security Analyst, or equivalent.

Other Job Specific Skills

• Experience with Nessus, Appscan, DB Protect, Venafi, and BURP.
• Experience with performing analysis of security scan results and implementing remediations to correct findings.
• Experience with AIX, RedHat Linux, Agile preferred., The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.