Cybersecurity Engineer 3

Overview

On Site
$73 - $74 hr
Contract - W2
Contract - Independent
Contract - 12+ mo(s)

Skills

CYBERSECURITY
APPLICATION SECURITY
SAST
DAST
SOARCUBE
SOFTWARE DEVELOPMENT
APPLICATION DEVELOPMENT
VULNERABILITY
AWS
AZURE
GCP
SALESFORCE
RESTFUL API
SINGLE PAGE APPLICATIONS
SPA

Job Details

Payrate: $73.00 - $74.00/hr

Summary:
As a Senior Application Security Engineer, you will work as a technical leader within a portfolio of related applications to guide software engineers on cybersecurity issues, influence security and prioritization decisions at the bug or story level and act as a trusted partner in their mission to deliver solutions securely.


Job Duties:
  • Security Defect Management - Analyzing, validating, communicating, and consulting on security defects identified by both automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc. In other words, our security engineers are partners to software engineers who require accurate information on why a vulnerability exists and what they can do about it.
  • Tool Enablement - Enabling and monitoring automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established process.
  • Security Test Onboarding & Management - Collecting and communicating required scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process.
  • Maturity Measurement - Consulting with software engineers on practices which will improve their application's security maturity according to scorecards and maturity models established by Digital.
  • Correction of Error - Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects across Digital avoid similar mistakes in their own applications.


Technical Skills:
  • 5+ years of experience as a software engineer (in any language or framework) or software engineering manager
  • 5+ years of experience as a software development-focused cybersecurity professional
  • 5+ years of experience working on a major cloud platform (AWS, Azure, Google Cloud Platform, or Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect.
  • Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc.
  • Experience leveraging one or more of the following resources to support secure coding and decision-making: OWASP Top 10, MITRE Common Weakness Enumeration (CWE) Top 25, OWASP Application Security Standard (ASVS) and other industry-standard best practice guides or frameworks
  • Experience building or supporting web applications and APIs, including Single Page Applications (SPA) and RESTful APIs.
  • Proficiency in one or more programming languages.
  • Decision-Making Ability - Our engineers make sound, justifiable, customer-first decisions to determine which security issues to raise to software engineers/leaders and support work prioritization decisions.
  • Strong Communication - Our engineers relate complex technical concepts to non-technical audiences and technical audiences without a security background. Additionally, the Digital team spans the globe, and our engineers must collaborate effectively with engineers from a few cultural backgrounds.
  • Active Participation - Software engineering is not a spectator sport. The input and experience our engineers bring to the table are valued and should be shared freely. Similarly, engineers are relied upon to complete complex assignments at a high level of quality with limited supervision.

Skills:
  • Professional certifications in either cybersecurity or software engineering, such as: Associate or Professional-level certifications from a major cloud provider (AWS, Azure, Google Cloud Platform, or Salesforce), CompTIA Security+, Cloud+, etc., ISC2 Certified Software Lifecycle Professional (CSLP)
  • Background in problem identification, root cause analysis, and process improvement.
  • Excellent writing abilities and experience writing technical analysis and reports for consumption by software engineers, architects, and managers.
  • Experience as a software or security engineer as an employee or contractor of a Fortune 500 company.
  • Experience as a software or security engineer on eCommerce, device telematics, data analytics, or mobile applications.
  • Bachelor's degree (or equivalent) in Computer Science, Software Engineering, Cybersecurity, Electrical Engineering, or related discipline.

Education & Experience Required:
  • Minimum of 5+ years of experience in cloud architecture.
  • College degree is not required.

Pay Transparency: The typical base pay for this role across the U.S. is: $73.00 - $74.00/hr. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience and the benefits package you select. Full-time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, 10 paid days off, 401(k) plan participation, commuter benefits and life and disability insurance.

For information about our collection, use, and disclosure of applicant's personal information as well as applicants' rights over their personal information, please see our Privacy Policy.

Aditi Consulting LLC uses AI technology to engage candidates during the sourcing process. AI technology is used to gather data only and does not replace human-based decision making in employment decisions. By applying for this position, you agree to Aditi's use of AI technology, including calls from an AI Voice Recruiter.

#AditiConsulting