We are looking for a results-oriented individual who will be responsible for ensuring the availability, confidentiality, and integrity of the Consensus business' data assets.
The Application Security Engineer will be an innovative, self-driven, team player. The Application Security Engineer will be responsible for building security controls and working with business technology teams to implement them; automation is key.
The Application Security Engineer is responsible for application security, policies and architecture, implementation, and security integration. This individual is also responsible for maintaining a high level of competency in the security field through ongoing education and must possess a proactive attitude towards learning and applying security best practices.
- Understand complex technical issues and manage them within a fast-paced business environment
- Identify current and emerging technology issues including security trends, vulnerabilities, and threats
- Research and implement new security solutions to better protect the organization
- Develop and improve metrics that drive desired behavior and security outcomes
- Conduct proactive research to analyze security weaknesses and recommend appropriate strategies
- Assist in driving Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tool deployments and integrations with CI/CD environments
- Guide developers to mitigate business-critical vulnerabilities and attack vectors in web applications
- Perform Vulnerability assessment and penetration testing, and propose remediation approaches
- Review secure code for newly-developed program features, extensions and scripts
- Review security elements in the software development life cycle (and off-shelf software)
- Work independently with developers, product owners, and other colleagues to ensure secure design, development, and implementation of our applications
- Evangelize secure coding practices internally
- Bachelor's Degree or Associate’s Degree in Information Security, Cybersecurity, Computer Science, Engineering or Networking with relevant experience or equivalent experience.
- Industry standard security certifications such as CEH, CISSP, CSSLP are recommended.
- Must possess problem-solving skills and be able to think logically and analytically.
- Must have skills to stay organized among multiple, competing activities and prioritize tasks/activities in alignment with team objectives.
- Meet project / deliverables schedules and communicate project status on a regular basis to supervisor and other stakeholders.
- Must be able to work independently or as a team member on assigned projects.
- Ability to balance risk with business appetite is a must.
- Communication and interpersonal skills are required to build a partnership with various business units.
- Strong knowledge of web application security issues, such as OWASP Top 10
- Understanding of programming languages
- Familiarity with Secure SDLC (Software Development Life Cycle) approaches
- Ability to recognize application vulnerabilities and possible exploits and their potential impact to businesses
- Familiar with dynamic and static analysis techniques, fuzzing / brute forcing
- Experience with manual web application testing by proxy tools such as Burp Suite
- Experience working with common dynamic and/or static analysis tools
- Knowledge of securing different on-prem and/or cloud applications using best security practices
This is a remote/office-based position which may be performed anywhere in the United States except within Colorado.
Let us know
Help us maintain the quality of jobs posted on RemoteTechJobs and let us know if:
Join a team of more than 25,000 team members, comprised of our home office and over 215 clubs and 3 distribution centers in 17 states. We’re committed to delivering value and convenience to our Members, helping them save every day on everything they need for their family an
Sr Info Cybersecurity Analyst - (21011698)DescriptionJOB SUMMARYResponsible for analyzing security controls for information systems with increasing levels of complexity and breadth. Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure
Reporting to: Security Operations ManagerIntroduction:Our goal at Pivotree is to help accelerate the future of frictionless commerce. We will help lead this change over the next decade because we believe a future where technology is embedded intimately into all aspects of our eve
Overview:For more than 30 years, NCI Information Systems has been a leading provider of digital transformation solutions and services to U.S. government agencies. With its Empower™ platform, NCI is at the forefront of implementing artificial intelligence (AI) solutions to s
A Cyber Security Engineer has IT experience with Cyber Security Policy and threat mitigation. Must be well versed in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks.Must have familiarity and experience in the implementation of cyber securi
More jobs by this company
Job SummaryZiff Davis' Communication brands (Line2, eVoice and eReceptionist) arm small businesses with VOIP (Voice over Internet Protocol) with digital communication tools and are embarking on an ambitious growth plan. We are looking for exceptional new team members to help driv
The Lead Software Developer (Java) will lead a team of software developers delivering high-volume, flexible, and performant systems supporting the API Gateway and surrounding tooling that power our best-in-breed solutions for enterprise and mission-critical fax and document excha
Account ManagerSince 2003, small and medium sized businesses worldwide have achieved significant results by turning to iContact’s best-in-class email marketing solutions and knowledgeable team members. With scalable tools to serve the needs of high-volume senders, professio
The DevOps Engineer will design, implement, test, deploy, support and perpetually improve upon continuous integration pipelines utilizing new technologies, industry standard tool sets and software development in a fast paced agile environment in order to streamline time-to-value.
The Senior DevOps Engineer will design, implement, test, deploy, support and perpetually improve upon continuous integration pipelines utilizing new technologies, industry standard toolsets and software development in a fast paced agile environment in order to streamline time-to-
The Sr. Technical Project Manager (TPM) plans, coordinates, and facilitates projects for multiple teams from start to delivery, specially focused App dev and Infrastructure. The TPM works with Product Managers and subject matter experts to understand business requirements, transl
About the jobWe are looking for a highly capable Windows software developer who desires to learn and develop for the Android platform. You will be responsible for building features that deliver meaningful and accurate results with a cutting-edge user experience. In addition, you.
The Lead VoIP Engineer will lead a team of software developers delivering high-volume, flexible, and performance systems in our best-in-breed enterprise and mission-critical fax and document exchange customers. The Lead will manage the coding practices of the team, perform code r
The Senior Software Developer (Java/Node) will join a team of software developers delivering high-volume, flexible, and performant systems supporting a best-in-breed solution for enterprise and mission-critical fax and document exchange customers.DutiesDesigning and developing ne
Consensus is looking for an ambitious, creative, and versatile Senior Front-End Engineer who has experience with designing, developing, and maintaining web applications. The ideal candidate is a team-oriented and self-sufficient contributor who will craft and develop Front-End an
The Moz Group is looking hire a contract Recruiter to support our recruiting team. You will be responsible for managing a pipeline of technical and non-technical roles and support teams across multiple products and locations.This is a 12 month contract.We are an office optional c
The Lead Software Developer (Python) will lead a team of software developers delivering high-volume, flexible, and performant systems supporting a best-in-breed telecommunications solution for enterprise and mission-critical fax and document exchange customers. The Lead will mana
AFFILIATE MANAGERJoin an energetic team in one of the hottest growing sectors in software—cybersecurity. VIPRE Security Group, a part of Ziff Davis (NASDAQ : ZD), is a global, highly rated, award-winning security, privacy and data protection company protecting millions of c
The Sr. System Administrator will be responsible for the support and maintenance of our production infrastructure, both on-prem and cloud based, globally. In addition to standard operations responsibilities related to production Windows and Linux environments, this position will.