Overview
Skills
Job Details
Senior AppSec Engineer
Iselin, NJ, Charlotte, NC, Irving, TX, Minneapolis, MN - Chandler, AZ - 3 days onsite, 2 days remote weekly
12+ Month Contract
Must Haves:
-
5+ yrs InfoSec engineering; security certs (CISSP, CISM, CEH).
-
5+ yrs AppSec/DevSecOps partnering with developers.
-
3+ yrs coding in .NET, C#, Java, Rust, or C++.
-
Scripting skills: Python, PowerShell.
-
CI/CD experience (GitHub, Jenkins, Maven, Artifactory, Harness, Xray).
-
Strong SDLC, OWASP Top 10/CWE knowledge.
-
Detail-oriented documentation skills; Jira/Confluence.
-
Container security: Kubernetes, OpenShift.
Day-to-Day:
-
Manage AppSec automation tools, mainly SCA (Checkmarx One, BlackDuck).
-
Coordinate with ServiceNow AVR, DevOps, Vulnerability Ops to ensure SCA issues are tracked.
-
Collaborate with security architecture on vuln mgmt workflows and developer guidance.
-
Perform adversarial analysis and support audits, governance, risk & compliance.
-
Improve code quality via CI/CD integrations and container security tooling.
-
Build solutions to secure OSS supply chains.
Plusses:
-
Experience with AI tools for FP reduction, auto-remediation, OSS threat intel.