Senior Application Security Engineer

St. Petersburg, Florida, United States

Pole Star

At Pole Star Space Applications we develop pioneering technologies to keep you at the forefront of maritime insight & empower your real-world decisions. Enquire with us today.



ABOUT US:
Pole Star Defense is a leading provider of maritime domain awareness, maritime security, and fisheries monitoring systems to the government sector. Since 1998, we have pushed the limits of innovation, mitigating growing threats to ships, supply chains, cargo, territorial waters and, most importantly, safety of lives at sea and beyond. Today, we continue to develop and implement pioneering intelligence technologies to protect customer vessels, people, maritime domain, and reputation.


POSITION DESCRIPTION:

The Senior Application Security Engineer will lead Pole Star Defense’s Enterprise initiatives, providing expertise on Application Security, including reviewing the current state of applications to identify defects. In addition, they will help to establish the required application layer security controls, analyze frameworks for improvements and develop implementation plans. This position will build a well-rounded SSDLC program with automation of controls in mind and tackle common SSDLC challenges that a modern SaaS company faces as an industry. Additionally, this position will have the opportunity to build a comprehensive security program with other SMEs as peers.


RESPONSIBILITIES:

  • Lead application security reviews
  • Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments
  • Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.
  • Assist in providing consultation for the design, delivery and quality of secure data application and infrastructure solutions through risk management, guidance, education, and information security expertise for business areas
  • Assist in the development of security processes and automated tooling that prevent classes of security issues.
  • Document and escalate policy exceptions or compliance deviations for review and risk assessment

Requirements

  • Minimum 5 years Application Security experience
  • An understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Strong understanding and familiarity with common security libraries and tools (e.g., static analysis tools, proxying/penetration testing tools).
  • Familiarity and ability to explain common security flaws and ways to address them (e.g., OWASP Top 10).
  • Experience with multiple programming languages (such as Java, Python, etc.)
  • Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
  • Hands-on experience with cloud security designs in FedRAMP AWS GovCloud environments
  • Excellent written and verbal communication skills
  • Strong interpersonal skills


EDUCATION/CERTIFICATIONS:

  • Bachelor’s Degree in Information Technology or the equivalent combination of education, training, or experience
  • Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL


DESIRED SKILLS (Not Required)

  • Experience working with Defense Information Security Agency (DISA) Security Technical Implementation Guides (STIGs).
  • Security Clearance


TRAVEL REQUIRED: Ability for up to 10% travel both domestic and international.

Benefits

Pole Star Defense offers benefits that are designed to lead an evolving marketplace and encourage a healthy balance between work and life. Highlights of those benefits are listed below:

  • Medical, Vision, Dental, Disability insurance for employees and dependents (100% covered by company)
  • Life insurance, company funded to 3x salary
  • 20 days annual leave (can buy or sell more days)
  • Up to a 10% Annual bonus available
  • Up to a 5% 401K matching
  • Gym membership subsidy
  • Volunteer Day PTO
  • Refer-a-friend recruitment bonus


WORK SCHEDULE NOTE: While this position is scheduled for a traditional Monday – Friday work week, our systems run 24/7/365 and as such, you may be expected to perform out-of-hours, on-call support on an as-needed basis. This may include weekends and/or holidays and is worked on a rotation system with other team members. Additional compensation may be available for working on-call, standby or holiday hours.


This is a Public Trust position and requires completion of a State and Federal Criminal History Report (i.e., background check) and may require a Department of Defense security clearance. Current and future employment will be contingent upon satisfactory completion of both the FBI Summary History Report and, if designated, a DoD security clearance.


This position requires use of or access to information subject to the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulations (“ITAR”). Accordingly, all applicants must be U.S. persons within the meaning of these regulations. Under ITAR, a U.S. person is defined as a U.S. Citizen, U.S. Permanent Resident, or a person who is a protected individual under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3)).


Pole Star Defense is a U.S. Government contractor and is an Equal Opportunity Employer including disability and veterans.

COVID 19 CONSIDERATIONS

Pole Star Defense follows all local and federal guidelines on how to best protect its employees, visitors, and guests from the COVID 19 virus. This includes following guidance and implementing policies set forth by the CDC, WHO and OSHA.


Tags: Application security Automation AWS C CCSP CISA CISM CISSP Clearance Cloud Compliance DoD FedRAMP ITIL Java Monitoring NIST OWASP Pentesting Python Risk assessment Risk management SaaS Security Clearance TCP/IP

Perks/benefits: Fitness / gym Health care Insurance Medical leave Salary bonus

Region: North America
Country: United States