Application Security Engineer
San Diego, California, United States
Applications have closed
AbacusNext
CARET brings the latest in technology and automation to legal and accounting firms. Explore our solutions today!
The AbacusNext Information Security (INFOSEC) Team is looking for someone who is passionate about security and understands the critical role security plays in the Software Development Lifecycle. If you like breaking software and finding the root cause, we need you. The ideal candidate will work tirelessly to uncover security issues before the bad guys do and will work with developers to move security to the left in the SDLC. If you evangelize security and love to train developers to build better, more secure software, this position is for you.
Primary Job Responsibilities:
· Enable automation of product security testing and find innovative ways to scale the security team
· Evaluation of new technologies, tools, and/or development techniques that impact security
· Work with the Software Engineering Teams across all locations to integrate static and dynamic analysis security tools into Line of Business application pipelines
· Serve as subject matter expert for static and dynamic analysis security tools
· Interpret security tools and penetration testing results and describe issues and fixes to respective Software Engineering Teams.
· Provide vulnerability remediation guidance and mentoring to product development software engineers
· Develop a product fuzzing system to find security defects and where they reside in source code
· Develop company-wide security projects to discover security defects in source code, dependencies, and/or other artifacts
· Build metrics to track security defects and automate collection of security information to derive metrics
· Develop application security and product best practices to standardize security practices
· Provide security guidelines for the organization to protect critical assets and data
· Assist in the software security certification process for the organization
· Review, analyze, and evaluate both internally developed software and critical business systems products and procedures to address security requirements
Requirements
Primary Job Skills:
· Self-starter who can also work as part of a team.
· Excellent written and verbal communication skills are required.
· Ability to communicate effectively with business representatives, explaining security topics clearly and, where necessary, in layman's terms.
· Experience with Cloud and virtualized technology in environments such as Azure and Hyper-V.
· Candidates must be able to explain vulnerabilities and weaknesses in the OWASP Top 10 and CIS CSC 18 to any audience, and discuss effective defensive techniques.
· Deep understanding of HTTP and SSL/TLS protocols, and Web applications
· Knowledge of networking fundamentals (all OSI layers)
· Knowledge of the Windows and Linux operating systems
· Familiarity with Jira, Confluence, Git, BitBucket, Vulnerability Management software fundamentals, Penetration Testing Software/Frameworks, and more.
· Understanding of authentication protocols and frameworks to include
· Familiarity with dynamic and static analysis tools
· Deep understanding of continuous integration / continuous deployment processes and tools
· Ability to interpret dynamic/static analysis tool and penetration test results and describe issues and fixes to non-security experts
· Ability to automate tasks using a scripting language (Python, PowerShell, etc.).
Benefits
- Medical, Dental, Vision, and Life Insurance
- 401K plan with match
- Flexible PTO
- Sick Days
- Remote work from home option
- Education reimbursement
Employee Perks:
- Professional and Financial Growth
- Great culture and environment
- Social, Health, and Wellness Events (now all virtual)
- Anniversary Gifts
- Birthday Time Off
Tags: Application security Automation Azure Bitbucket Cloud Hyper-V Jira Linux OWASP Pentesting PowerShell Product security Python Scripting SDLC TLS Vulnerabilities Vulnerability management Windows
Perks/benefits: 401(k) matching Career development Flex vacation Health care Team events Wellness