JOBSEARCHER

Application Security Engineer w/ Static Code

ARCHIVED

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

Application Security EngineerLocation: Hybrid in Irving, TX OR Wilmington, DE OR Des Moines, Iowa (Must be local to these locations.. no relocation) Duration: 12+ monthsClient is ready to hire within this week.. THE RESOURCE DOING THIS JOB UNEXPECTEDLY MOVED (NOT OUR CANDIDATE) AND IT MUST BE BACKFILLED QUICKLY!!! No lead experience required or special tools. We need a senior Application security engineer. We need a senior (12+ years) Application security engineer with excellent experience working as a hands-on engineer with cross-vertical technical expertise encompassing penetration testing strategy and execution, vulnerability management, static code analytics, and policy compliance. Must have experience in Information Security or a related role encompassing security compliance, penetration testing, vulnerability management, and/or static code analysis. Lead initiatives and projects to support and enhance our application security initiatives which include penetration testing capabilities and static code.The manager would like to see security certifications. Veracode and CheckMarx are a big plus but not required. This position must be hybrid 2 days a week in Irvine/Dallas, TX, Wilmington, DE to Des Moines, IOWA.Skills - Year of ExpApplication Security EngineerStatic Code AnalysisPenetration testing/vulnerability management – VERACODE IS A PLUS+Excellent Comms - RequiredJob Description: We are looking for a versatile and leader with hands-on engineer with cross-vertical technical expertise encompassing penetration testing strategy and execution, vulnerability management, static code analytics, and policy compliance. Here, you'll sit directly at the intersection of technical innovation and business engagement. You'll actively partner with our engineers along with our Security Management and Senior Leadership teams to lead initiatives across our highly distributed, multi-national footprint. You'll engage in both project execution and project leadership, working side by side with our Director of Vulnerability Management to ensure the fluid continuity of compliance programs across the enterprise. And as we continue to standardize our security posture, you'll have opportunities to influence change and see the impact of what you're doing each and every day to secure our global infrastructure. Key functions include but are not limited to the following:Lead initiatives and projects to support and enhance our application security initiatives which include penetration testing capabilities and static codeBring your ideas forward, evaluating how to optimize the tools we're using and exploring technologies that could continue to enhance our security posture and ensure solutions scalabilityDevelop and lead projects to continually analyze source code, pinpointing and remediating potential vulnerabilities upon discoveryManage compliance scanning process across the enterprise to identify and remediate potential risks and vulnerabilities as expeditiously as possibleContinuously communicate that status of our security compliance projects and programs to provide updates and obtain buy-in from global engineering, business, security management, and senior leadership teamsQualificationsMinimum of 10+ years of experience in Information Security or a related role encompassing security compliance, penetration testing, vulnerability management, and/or static code analysisPrior experience leading projects and/or as a supervisor or team lead preferredBachelor's degree in Computer Science, Information Security, Network Engineering, or a related technical discipline required; prior experience may substitute for educationDemonstrate proficiency in commonly used Penetration Testing ToolsDemonstrate proficiency in Web Application scanning toolsDemonstrate experience and proficiency in a Static Code Analysis Tool (For example: Veracode, Fortify, Checkmarx, etc.)Proven ability to engage with and secure buy-in from business, technical, and executive stakeholders required