Senior Application Security Engineer
*This position is highly technical.
As a Senior Application Security Engineer, your role involves close collaboration with software development teams to ensure the safety of our customers during the development of innovative services. On any given day, your tasks may include code inspections to identify security issues, the development of new frameworks to enhance the speed and security of software development, and fine-tuning service designs in collaboration with software developers.
We are looking for a seasoned Senior Application Security Engineer to lead application security initiatives. You will be responsible for the strategic implementation of security measures to protect applications and data, while mentoring junior engineers and shaping our security posture as well as identifying and removing bottlenecks for your teammates, both in process and technology
As a Senior Application Security Engineer, you will be dedicated to developing, implementing, and advocating for the right level of security integration within our software development lifecycle (SDLC). You will lead efforts in identifying, evaluating, and mitigating security risks related to application development and deployment, ensuring that our applications, services, and infrastructure are designed and implemented securely.
Responsibilities
- Work closely with development teams to integrate security into the SDLC and to implement secure coding practices, developing security training and guidance as necessary.
- Participate in incident response activities for application security incidents, including root cause analysis and identification of remediation strategies.
- Evaluate, implement, and manage security tools and technologies to improve the detection and prevention of vulnerabilities.
- Assist in development of security processes and automated tooling that prevent classes of security issues.
- Autonomously solve security problems that require novel methods or approaches
- Support and consult with product and development teams in the area of application security, including threat modeling and AppSec reviews
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
Required Skills/Competencies
- 5+ years’ experience in an application security role with a focus on software development.
- Advanced knowledge of application security principles, frameworks, and technologies such as OWASP Top 10, SANS Top 25, etc.
- Able to communicate complex security issues and risks in a clear, concise manner to both technical and non-technical audiences.
- Excellent critical thinking and problem-solving skills, with the ability to think strategically and act tactically.