Application Security Engineer
USA- Kansas Remote Office
It's fun to work at a company where people truly believe in what they are doing!
Job Description:
Job Summary
In the quest to continuously expand our capabilities around protecting ours and our clients' data, Epiq Cybersecurity is looking to add an Application Security Engineer to our team. We seek a candidate with a strong background in software development who will work with our software development teams to enhance the security controls in their code. The ideal person for this role is someone who understands SDLC/DevOps best practices, cloud-native technologies, has expertise in at least one development environment and who is self-driven enough to use that knowledge to speak generally to concepts across paradigms.
Job Responsibilities
- Work collaboratively with development teams to help them understand discovered vulnerabilities, identify appropriate remediation techniques, tune SAST, SCA, DAST and other pipeline tooling, and provide additional consultative support.
- Provide consultation to product development leadership on tooling and capabilities that will best fit the development paradigms, programming languages, cloud technologies, and other aspects of their software development lifecycle.
- Engage in discussions as a lead security resource in our security champions community, providing a voice from the cybersecurity perspective while also bringing back visibility into current activities, objectives, and obstacles within the software development teams.
- Consult with software developers on design strategies and approaches to common security controls within their applications.
- Report back to cybersecurity leadership on challenges, obstacles, and needs across the development community where the cybersecurity program can be adapted to provide greater support and coverage.
- Track and report metrics to measure the success of Secure-SDLC/DevSecOps initiatives within the various product development areas across the business units.
Job Requirements
- 3+ years of experience working in a corporate software development environment
- Proven mastery of at least one major software development language such as C#, Java, NodeJS, etc.
- Understanding of Secure SLDC/DevSecOps practices in hybrid environments using traditional and cloud native technologies
- Proven ability to adapt and apply existing software development experience to understand and build competence in new or unfamiliar technologies.
- Knowledge of common application security frameworks and guidance such as the NIST SSDF, OWASP Top 10 lists, etc.
- Demonstrated ability to build collaboration and credibility with resources across the organization who have different or potentially conflicting goals and priorities
- Demonstrated ability to define and report against critical metrics and key performance indicators
- Demonstrated ability to communicate, present and influence credibly and effectively to peers and members of the leadership team
- Demonstrated ability to provide technical leadership and effectively explain deeply technical concepts to individuals without background in those knowledge areas
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
It is Epiq’s policy to comply with all applicable equal employment opportunity laws by making all employment decisions without unlawful regard or consideration of any individual’s race, religion, ethnicity, color, sex, sexual orientation, gender identity or expressions, transgender status, sexual and other reproductive health decisions, marital status, age, national origin, genetic information, ancestry, citizenship, physical or mental disability, veteran or family status or any other basis protected by applicable national, federal, state, provincial or local law. Epiq’s policy prohibits unlawful discrimination based on any of these impermissible bases, as well as any bases or grounds protected by applicable law in each jurisdiction. In addition Epiq will take affirmative action for minorities, women, covered veterans and individuals with disabilities. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. Epiq is pleased to provide such assistance and no applicant will be penalized as a result of such a request. Pursuant to relevant law, where applicable, Epiq will consider for employment qualified applicants with arrest and conviction records.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security C Cloud DAST DevOps DevSecOps Java NIST Node.js OWASP SAST SDLC Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs