Application Security Engineer - Contract-to-Hire

Remote - Denver, Colorado, United States

Full Time Contract Mid-level / Intermediate
EVOTEK, Inc. logo
EVOTEK, Inc.
Apply now Apply later

Posted 3 weeks ago

EVOTEK is North America's premier enabler of digital business with a focus on innovation. With technology offerings in both data center and cloud, EVOTEK is uniquely equipped to enable customers with the industry shift from traditional IT computing to secure multi-cloud. With services practices in cybersecurity, mobility, platform engineering and artificial intelligence, EVOTEK is moving up the value chain, closer to the part of digital business that matters most. EVOTEK was named to Inc Magazine's Best Places to work in 2018. In 2016, 2017, 2018, and 2019, EVOTEK was named to The San Diego Business Journal's Best Places to work and recognized as #168 on CRN's Solution Provider 500 list, CRN's Next-Generation 250 list, CRN's Triple Crown and highlighted as CRN's Top 150 Growth Companies, holding the #1 spot in 2017, as the fastest growing solution provider in the country.:

As an Application Security Engineer, you will drive the security of our entire product suite. You will have the opportunity to partner with multiple product teams to champion secure coding practices and secure-by-design development principles.

  • Support application security reviews and threat modeling
  • Perform application security vulnerability management
  • Coordinate with product, engineering and other departments to support secure outcomes
  • Assist in building out our product security knowledge base
  • Identify opportunities for automation, partner with engineering and our security teams on implementing automation
  • Improve secure coding practices, application security requirements, automation, training, and metrics
  • Testing and acceptance of security fixes
  • Highly technical engagement with development and systems engineers
  • Understanding software, how it’s designed, how it’s built, and how it can be broken is critical
  • Exposure to and understanding of programming languages and ability to understand code is important
  • Exposure to various application security testing tools and commercial common offerings for application security testing and analysis
  • Familiar with software development processes like Continuous Integration and Continuous Development release cycles, waterfall release cycles, DevSecOps cultural mindsets, and an engineering focused approach to solving common security problems

Requirements

  • A passion for building secure products
  • Experience working with developers
  • Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools
  • Ability to triage, reproduce, and recommend remediations for vulnerabilities
  • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
  • Experience with web application penetration testing
  • Understanding of different compliance frameworks and their implications in building secure software
  • Knowledge of one or more of the following: (Angular JS, Apache Struts, ASP.NET, Bootstrap, Java, JQuery)
  • Identify solutions for common security problems while participating in a broader agile Application Security team
  • Working on security reviews, building relationships with developers and engineers across the organization
  • Executing complex projects with minimal oversight
  • Responsible for promoting, designing, and evaluating application security in all phases of the application life cycle.
  • Responsible for application security and influencing, building, and assisting with information security challenges within applications.
Job tags: Artificial intelligence ASP.NET Automation Compliance Java Penetration testing Vulnerabilities Vulnerability management
Job region(s): North America Remote/Anywhere
Job stats:  55  2  0
  • Share this job via
  • or