Application Security Engineer
Piper Companies is supporting our client in Reston, Virginia (VA) to find them an experienced Application Security Engineer. The Application Security Engineer will be expected to help develop tools used by the security team to automate various aspects of the security stack. Their ideal Application Security Engineer should possess strong interpersonal skills, be highly motivated, results oriented, and be a strong team player.
Responsibilities for the Application Security Engineer:
• Provide security recommendations as the SME for development teams throughout the SDLC.
• Track open issues and provide guidance to development teams and product engineering teams on security testing.
• Participate in change management process and collaborate with development teams to support remediation.
• Provide guidance on application security best practices.
• Perform manual and automated application vulnerability assessments and validate resolutions to make sure they are deployed to production on time.
Requirements for the Application Security Engineer:
• 4+ years of software development experience using Java, C++ or scripting languages (Python, Perl).
• Experience with Linux operating systems and implementation of security assessments within a CI pipeline.
• Understanding of DevOps and security integration and experience with API testing.
• Knowledge of cloud application security and software defined networking.
• Understanding of agile methodologies.
Must Haves for the Application Security Engineer:
• Bachelor's Degree in Computer Science, related field, or equivalent work experience.
• 10+ years of experience in Information Technology application development.
• 4+ years conducting assessments using COTS software (Burp suite, Fortify) and additional tools to ensure application security.
• Knowledge of the OWASP Testing Framework and OWASP Top 10.
Compensation and Benefits for the Application Security Engineer:
Salary: $155,000/yearly + bonus
Full Benefits: Medical, Dental, Vision, PTO, Holiday, 401k w/ Match
Application security engineer, security engineer, agile, Kanban, scrum, pair programming, go, ruby, burp, fortify, owasp, Open web application security project, cots, Unix, Linux, devops, api, continuous integration, python, Perl, Java, c++, vulnerability assessments, PTO, benefits, medical, dental, vision, vacation, holiday, 401k.