Senior Application Security Engineer
St. Petersburg, Florida, United States
Applications have closed
Pole Star
At Pole Star Space Applications we develop pioneering technologies to keep you at the forefront of maritime insight & empower your real-world decisions. Enquire with us today.
ABOUT US:
Pole Star Defense is a leading provider of maritime domain awareness, maritime security, and fisheries monitoring systems to the government sector. Since 1998, we have pushed the limits of innovation, mitigating growing threats to ships, supply chains, cargo, territorial waters and, most importantly, safety of lives at sea and beyond. Today, we continue to develop and implement pioneering intelligence technologies to protect customer vessels, people, maritime domain, and reputation.
POSITION DESCRIPTION:
The Senior Application Security Engineer will lead Pole Star Defense’s enterprise initiatives, helping to provide expertise on application security, including helping to review the current state of applications to identify defects. In addition, they will help to establish the required application-layer security controls, analyze frameworks for improvements, and develop implementation plans. This position will build a well-rounded SSDLC program with automation of controls in mind and tackle the common SSDLC challenges that a modern SaaS company faces. Additionally, this position will have the opportunity to build a comprehensive security program with other SMEs as peers.
RESPONSIBILITIES:
- Lead application security reviews
- Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments
- Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.
- Assist in providing consultation for the design, delivery, and quality of secure data application and infrastructure solutions through risk management, guidance, education, and information security expertise for business areas
- Assist in the development of security processes and automated tooling that prevent classes of security issues.
- Document and escalate policy exceptions or compliance deviations for review and risk assessment
Requirements
- Minimum 5 years Application Security experience
- An understanding of network and web-related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Strong understanding and familiarity with common security libraries and tools (e.g., static analysis tools, proxying/penetration testing tools).
- Familiarity and ability to explain common security flaws and ways to address them (e.g., OWASP Top 10).
- Experience with multiple programming languages (such as Java, Python, etc.)
- Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
- Hands-on experience with cloud security designs in FedRAMP AWS GovCloud environments
- Excellent written and verbal communication skills
- Strong interpersonal skills
EDUCATION/CERTIFICATIONS:
- Bachelor’s Degree in Information Technology or the equivalent combination of education, training, or experience
- Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
DESIRED SKILLS (Not Required)
- Experience working with Defense Information Security Agency (DISA) Security Technical Implementation Guides (STIGs).
- Security Clearance
TRAVEL REQUIRED: Ability for up to 10% travel both domestic and international.
Benefits
Pole Star Defense offers benefits that are designed to lead an evolving marketplace and encourage a healthy balance between work and life. Highlights of those benefits are listed below:
- Medical, Vision, Dental, Disability insurance for employees and dependents (100% covered by company)
- Life insurance, company funded to 3x salary
- 20 days annual leave (can buy or sell more days)
- Up to a 10% Annual bonus available
- Up to a 5% 401K matching
- Gym membership subsidy
- Volunteer Day PTO
- Refer-a-friend recruitment bonus
WORK SCHEDULE NOTE: While this position is scheduled for a traditional Monday – Friday work week, our systems run 24/7/365 and as such, you may be expected to perform out-of-hours, on-call support on an as-needed basis. This may include weekends and/or holidays and is worked on a rotation system with other team members. Additional compensation may be available for working on-call, standby or holiday hours.
This is a Public Trust position and requires completion of a State and Federal Criminal History Report (i.e., background check) and may require a Department of Defense security clearance. Current and future employment will be contingent upon satisfactory completion of both the FBI Summary History Report and, if designated, a DoD security clearance.
This position requires use of or access to information subject to the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulations (“ITAR”). Accordingly, all applicants must be U.S. persons within the meaning of these regulations. Under ITAR, a U.S. person is defined as a U.S. Citizen, U.S. Permanent Resident, or a person who is a protected individual under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3)).
Pole Star Defense is a U.S. Government contractor and is an Equal Opportunity Employer including disability and veterans.
COVID 19 CONSIDERATIONS
Pole Star Defense follows all local and federal guidelines on how to best protect its employees, visitors, and guests from the COVID 19 virus. This includes following guidance and implementing policies set forth by the CDC, WHO and OSHA.