Cyber Security Engineer

Diversified Services Network, Inc. (DSN) is seeking a full-time Cybersecurity Engineer to join our team in Peoria, IL/Chicago, IL! We offer HYBRID work model, full benefits, PTO, 401k, and more! If you're looking to grow your technical career within an extremely reputable, stable Fortune 500 company - let's talk!

Join the Security team to build software solutions that drive automation and security into the application development lifecycle. You will have deep integration with applications as they move from an idea into a solution, integrating Security and DevOps practices and enabling delivery for Digital Applications. Be a part of the team that is using innovative solutions and methods to securely enable, build, and deploy modern applications and software.

As a Senior Application Security Engineer, you will work as a technical leader within a portfolio of related applications to guide software engineers on cybersecurity issues, influence security and prioritization decisions at the bug or story level and act a trusted partner in their mission to deliver solutions securely.

JOB RESPONSIBILITIES:

Build software solutions that drive automation and security into the application development lifecycle.

Security Defect Management Analyze, validate, communicate, and consult on security defects identified by both automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc.

Tool Enablement - Enable and monitor automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established process.

Security Test Onboarding & Management -Collect and communicate require scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process.

Maturity Measurement – Consult with software engineers on practices which will improve their application’s security maturity according to scorecards and maturity models.

Correction of Error – Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects

EDUCATION & EXPERIENCE REQUIRED:

Bachelor’s degree in computer science, software engineering, cybersecurity, electrical engineering, or related field.

Associate or Professional-level certifications from a major cloud provider (AWS, Azure, GCP, or Salesforce), CompTIA Security+, Cloud+, etc.

ISC2 Certified Software Lifecycle Professional (CSLP).

5+ years’ experience in cloud architecture.

5+ years’ experience as a software engineer (in any language/framework) or software engineering manager.

5+ years’ experience as a software development-focused cybersecurity professional.

5+ years’ experience working on a major cloud platform (AWS, Azure, GCP, Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect.

REQUIRED SKILLS:

Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc.

Experience leveraging one or more of the following resources to support secure coding and decision-making: OWASP Top 10, MITRE, Common Weakness Enumeration (CWE) Top 25, OWASP, Application Security Verification Standard (ASVS) and other industry-standard best practice guides or frameworks.

Experience building or supporting web applications and API’s including Single Page Applications (SPA) and RESTful API’s.

Proficiency in one or more programming languages.

DESIRED SKILLS:

Experience as a software or security engineer as an employee or contractor of a Fortune 500 company.

Experience as a software or security engineer on eCommerce, device telematics, data analytics, or mobile applications.

SOFT SKILLS REQUIRED:

Strong communication with leadership and managers.

Ability to make sound, justifiable, customer-first decisions to determine which security issues to raise to software engineers/leaders and support work prioritization decisions.

Relate complex technical concepts to non-technical audiences and technical audiences without a security background.

Ability to collaborate effectively with engineers from several locations and cultural backgrounds.

Excellent writing abilities and experience writing technical analysis and reports for consumption by software engineers, architects, and managers.

Benefits:

401(k)

Dental insurance

Vision Insurance

Disability insurance

Employee assistance program

Health insurance

Health savings account

Life insurance

Paid time off

Paid Holidays

Please follow the link to our website for a list of job openings in Engineering, IT, Project Management, and more! https://www.dsnworldwide.com