Description
Role Summary/Purpose
The Senior Application Security Engineer will be responsible for the development and implementation of effective security controls pertaining to information systems. A significant part of this role's focus is to conduct security assessments on custom-coded applications, review security findings with application teams comprising developers and senior leadership, and track gap remediation. Additionally, this role provides security input into IT and Business projects, ensuring that appropriate controls are in place to meet regulatory requirements as well as internal security policies.
Plan security assessments for custom coded applications.
Conduct code reviews using HP Source Code Analyzer, HP Webinspect Enterprise and other commonly used tools like Burp Suite and Kali Linux.
Build and mature application security processes, standards, and guidelines.
Experience with DevOps; enabling software development teams in “building security in” to their processes in an agile environment.
Recommend courses of action to remediate security vulnerabilities and threats to Application Teams’ software product suite.
Work with a variety of application security technologies, including SAST and DAST, for applications in internal and external networks, including mobile applications and Cloud-based technologies.
Work with business groups to understand business requirements, translate security requirements, and consult on security risks.
Hands-on experience with any of the following application security assessments tools: HP Source Code Analyzer, HP Webinspect Enterprise, or commonly used tools like Burp Suite and Kali Linux.
2+ years of hands-on software development experience.
Bachelor’s degree and 3-5 years of Infosec experience.
For internal employees, minimum of 18 months in the organization and 12 months in the current role with no active PIP or CAP.
Excellent written and verbal communication skills along with the proven ability to present complex, technical information to both technical and non-technical audiences.
Strong organizational, communication, and customer service skills.
Equivalent work experience and a proven track record in the field of Software Development and/or Information security.
3 or more years with secure coding practices/system integration.
Email Id : firstname.lastname@example.org