Application Security Engineer

Eglin AFB, Florida, United States; Niceville, Florida, United States

ARA

ARA is globally recognized for applying technically-excellent, in-depth and diversified research, engineering, and technical support services to provide answers to complex and challenging problems in the physical sciences. We approach every...

View company page

Our innovative and growing company is seeking a talented individual to fill the role of an Application Security Engineer to join our dynamic team at Applied Research Associates, Inc (ARA).  The Application Security Engineer position holds the responsibility of identifying and reducing security risks in the supported software applications developed in-house.  The ideal candidate will consult with other developers and product managers to analyze and propose application security standards, methods, and architectures. ARA is a 100% employee-owned company that offers excellent benefits package that includes medical, dental, vision, retirement and more.  This position is located at Eglin AFB, Florida on the Gulf Coast of Florida.

ARA offers an excellent benefits package that includes:

  • 401-K Retirement (both Traditional and Roth) with employer matching
  • Employee Stock Ownership Plan
  • Various insurance options including Flexible Spending Plan and a Health Savings Account (HSA)
  • Paid leave and holidays

 

Application Security Engineer Duties include:

  • Develop security training and guidance to internal and external development teams.
  • Provide subject matter expertise on architecture, authentication, encryption, and systems security for support software applications developed in-house.
  • Create and maintain artifacts in a protected repository established as the sole source of truth.
  • Assess security tools and integrate tools as needed, particularly open-source tooling.
  • Assist with assessment activities to improve the technology in use.

Technical:

  • Familiar with common security libraries, RMF security controls, common security flows, and vulnerability assessments for C++ applications
  • Ability to discover and patch database, GUI, authentication and authorization flaws, and other security vulnerabilities contained in the software applications.
  • Experience with Atlassian tools and CI/CD pipeline integration of security assessment and remediation measures
  • Experience with CheckMarx, SonarQube, and other application security analysis tools
  • Heavy experience with SAST, DAST, OSA, and secure software supply chain is a must.

Code Quality:

  • Proactively identify and reduce security risks in the supported software applications developed in-house.
  • Find and remove outdated and vulnerable code and code libraries.

Communication:

  • Consult with other Developers and Product Managers to analyze and propose application security standards, methods, and architectures.
  • Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities in collaboration with security teams.
  • Educate other developers on secure coding practices.
  • Ability to professionally handle communications with outside researchers, users, customers, and organizations.
  • Ability to communicate clearly on technical issues.

 

Application Security Engineer General Requirements:

  • An inquisitive nature for discovery of root cause
  • A proactive attitude towards challenges and technology.
  • Drive and passion for technology and capabilities
  • Superior written and verbal communication skills.
  • Assist in making security architecture decisions for software applications.
  • Implement security technical and process improvements.
  • You employ a flexible and constructive approach when solving problems.

 

Application Security Engineer Qualifications:

  • Bachelor's degree or higher in Computer Science or related field
  • 7-9 years of related experience.
  • Applicant must be a United States citizen and be able to obtain and maintain an Active DoD Security Clearance.

 

Company Details:

Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 2,011 professionals and is rapidly growing. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.

At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are recognized and rewarded for their contributions which not only add to the company’s success, but also their own through the Employee Stock Ownership Plan (ESOP). The motto, “Engineering and Science for Fun and Profit” sums up the ARA experience. For additional information and an opportunity to join this unique workplace, please visit our website at www.ara.com.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security C Checkmarx CI/CD Clearance Computer Science DAST DoD Encryption RMF SAST Security analysis Security assessment Security Clearance SonarQube Vulnerabilities

Perks/benefits: Equity Flexible spending account Health care Medical leave

Regions: Europe North America
Countries: France United States
Job stats:  9  3  0

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.