Candidates
Employers
Login
Sign Up
Application Security Engineer
N
NinjaJobs
Application Security Engineer
National
Full Time
Paid
Apply
Responsibilities
Roles & Responsibilities:
Review and design application security controls and cloud security architectures.
Conduct manual secure code reviews and assessments for web, non-web, and cloud applications.
Interact with developers to gather source code details, conduct code reviews, and provide remediation assistance.
Document vulnerabilities and assist with mitigation.
Validate fixes on reported vulnerabilities.
Coordinate with local and onsite teams, including vendor consultants.
Provide regular status updates on tasks and deliverables.
Qualifications:
Bachelor’s degree in computer science or a related discipline preferred.
4-5 years of experience in secure coding and code reviews.
Proficient in identifying OWASP Top 10 vulnerabilities and SANS Top 25 programming errors.
Strong knowledge of secure coding principles in Java, Angular/Node JS, JavaScript, Python, Ruby, etc.
Familiar with security frameworks (OWASP, SANS CWE) and secure coding practices.
Experience with web stack technologies (HTTP, HTML5, AJAX, REST) and platforms (Tomcat, .Net, MS SQL).
Skilled in creating custom proof of concept application exploits using various scripting languages.
Understanding of authentication and authorization mechanisms across web technologies and protocols (SSL/TLS, REST, OAuth, SAML).
Knowledge of DevSecOps and cloud/container infrastructures.
At least 4 years of development experience with 3+ years in secure code review and application security.
Excellent communication and organizational skills.
Relevant certifications (CSSLP, GSSP-Java, CSP) are a plus.
Compensation
$150,000-$170,000 per year