Application Security Engineer

  • New York, NY
  • Posted 60+ days ago | Updated 20 hours ago

Overview

Hybrid
$65 - $70
Contract - W2
Contract - 6 Month(s)
No Travel Required

Skills

CEH
OSCP
CISSP
GWAPT
OWASP
SAST
DAST
IAST
Kubernetes
Docker
Azure
AWS
GCP
DevSecOps
CI/CD
DevOps
Application Security
Cloud Security
Cybersecurity
SOC

Job Details

Job Title: Cybersecurity Engineer

Location: NYC, Boston, MA or Springfield, MA

Duration: 6+ Months

Note: Not able to work with third party companies. Looking for local candidates only, no relocation.

Minimum Qualifications:

  • Bachelor s or master s degree in computer science, Information Security, or a related field.
  • 8+ years of experience in application security, penetration testing, or secure software development.
  • The Ideal Qualifications:
  • Relevant security certifications such as CEH, OSCP, CISSP, or GWAPT from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.)
  • Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis.
  • Strong knowledge of application security vulnerabilities and best practices (e.g., OWASP Top 10, etc.)
  • Experience in integrating security into DevOps (DevSecOps) and CI/CD environments.
  • Strong technical knowledge of web application security, cloud security (AWS, Azure, Google Cloud Platform), mobile security, infrastructure as code (IaC), containerized environments (Docker, Kubernetes), and API security.
  • Hands-on experience with security tools such as SAST, DAST, SCA, IAST, and fuzzing tools.
  • Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations.
  • Advance understanding and experience with writing source code in at least one programming language (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.).
  • Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes.
  • Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers).
  • Knowledge of encryption, authentication, and access control.
  • Knowledge of compliance and regulatory frameworks (SOC 2, etc.).

EEO: Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.