Application Security Engineer
Eglin AFB, Florida, United States; Niceville, Florida, United States
Full Time Mid-level / Intermediate Clearance required USD 24K - 45K *
ARA
ARA is globally recognized for applying technically-excellent, in-depth and diversified research, engineering, and technical support services to provide answers to complex and challenging problems in the physical sciences. We approach every...Our innovative and growing company is seeking a talented individual to fill the role of an Application Security Engineer to join our dynamic team at Applied Research Associates, Inc (ARA). The Application Security Engineer position holds the responsibility of identifying and reducing security risks in the supported software applications developed in-house. The ideal candidate will consult with other developers and product managers to analyze and propose application security standards, methods, and architectures. ARA is a 100% employee-owned company that offers excellent benefits package that includes medical, dental, vision, retirement and more. This position is located at Eglin AFB, Florida on the Gulf Coast of Florida.
ARA offers an excellent benefits package that includes:
- 401-K Retirement (both Traditional and Roth) with employer matching
- Employee Stock Ownership Plan
- Various insurance options including Flexible Spending Plan and a Health Savings Account (HSA)
- Paid leave and holidays
Application Security Engineer Duties include:
- Develop security training and guidance to internal and external development teams.
- Provide subject matter expertise on architecture, authentication, encryption, and systems security for support software applications developed in-house.
- Create and maintain artifacts in a protected repository established as the sole source of truth.
- Assess security tools and integrate tools as needed, particularly open-source tooling.
- Assist with assessment activities to improve the technology in use.
Technical:
- Familiar with common security libraries, RMF security controls, common security flows, and vulnerability assessments for C++ applications
- Ability to discover and patch database, GUI, authentication and authorization flaws, and other security vulnerabilities contained in the software applications.
- Experience with Atlassian tools and CI/CD pipeline integration of security assessment and remediation measures
- Experience with CheckMarx, SonarQube, and other application security analysis tools
- Heavy experience with SAST, DAST, OSA, and secure software supply chain is a must.
Code Quality:
- Proactively identify and reduce security risks in the supported software applications developed in-house.
- Find and remove outdated and vulnerable code and code libraries.
Communication:
- Consult with other Developers and Product Managers to analyze and propose application security standards, methods, and architectures.
- Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities in collaboration with security teams.
- Educate other developers on secure coding practices.
- Ability to professionally handle communications with outside researchers, users, customers, and organizations.
- Ability to communicate clearly on technical issues.
Application Security Engineer General Requirements:
- An inquisitive nature for discovery of root cause
- A proactive attitude towards challenges and technology.
- Drive and passion for technology and capabilities
- Superior written and verbal communication skills.
- Assist in making security architecture decisions for software applications.
- Implement security technical and process improvements.
- You employ a flexible and constructive approach when solving problems.
Application Security Engineer Experience:
- 7-9 years of related experience.
Applicant must be a United States citizen and be able to obtain and maintain an Active DoD Security Clearance.
Company Details:
Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 2,300 professionals and is rapidly growing. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.
At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are recognized and rewarded for their contributions which not only add to the company’s success, but also their own through the Employee Stock Ownership Plan (ESOP). The motto, “Engineering and Science for Fun and Profit” sums up the ARA experience. For additional information and an opportunity to join this unique workplace, please visit our website at www.ara.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security C Checkmarx CI/CD Clearance DAST DoD Encryption RMF SAST Security analysis Security assessment Security Clearance SonarQube Vulnerabilities
Perks/benefits: Equity / stock options Flexible spending account Health care Medical leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Product Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open Threat intelligence-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs