EPITEC

Senior Application Security Engineer

EPITEC 美国 伊利诺伊州 芝加哥

保存

EPITEC提供的薪酬范围

此薪酬范围由EPITEC提供。您的实际薪酬根据您的技能和经验而定 — 跟招聘人员沟通,了解更多信息。

基本薪酬范围

US$73.00/小时 - US$83.00/小时

直接发消息给EPITEC的职位发布者

Epitec


POSITION:

Senior Application Security Engineer


JOB TYPE:

W2, hybrid (2 days in office), Full-time, ongoing contract


LOCATION: Chicago, IL OR Peoria, IL


JOB SUMMARY FOR SENIOR APPLICATION SECURITY ENGINEER:

  • We are seeking a Senior Application Security Engineer to join our leading client's team.
  • As a Senior Application Security Engineer, you will work as a technical leader within a portfolio of related applications to guide software engineers on cybersecurity issues, influence security and prioritization decisions at the bug or story level, and act a trusted partner in their mission to deliver solutions securely.
  • Pay Range: $73- $83/hour depending on experience and benefits package


RESPONSIBILITIES FOR SENIOR APPLICATION SECURITY ENGINEER:

  • You will be responsible for delivering a suite of security services according to internal processes and standards, including:
  • Security Defect Management - Analyzing, validating, communicating, and consulting on security defects identified by both automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc. In other words, our security engineers are partners to software engineers who require accurate information on why a vulnerability exists and what they can do about it.
  • Tool Enablement - Enabling and monitoring automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established process.
  • Security Test Onboarding & Management – Collecting and communicating required scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process.
  • Maturity Measurement – Consulting with software engineers on practices which will improve their application’s security maturity according to scorecards and maturity models established by Digital.
  • Correction of Error – Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects across Digital avoid similar mistakes in their own applications.


REQUIRED EXPERIENCE FOR SENIOR APPLICATION SECURITY ENGINEER:

  • Minimum of 5+ year exp in cloud architecture.
  • College degree not required.
  • Desired: Bachelor’s degree (or equivalent) in Computer Science, Software Engineering, Cybersecurity, Electrical Engineering, or a related discipline.
  • 5+ years of experience as a software engineer (in any language or framework) or software engineering manager
  • 5+ years of experience as a software development-focused cybersecurity professional
  • 5+ years of experience working on a major cloud platform (AWS, Azure, GCP, or Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect.
  • Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc.
  • Experience leveraging one or more of the following resources to support secure coding and decision-making: OWASP Top 10, MITRE Common Weakness Enumeration (CWE) Top 25, OWASP Application Security Verification Standard (ASVS) and Other industry-standard best practice guides or frameworks
  • Experience building or supporting web applications and API’s including Single Page Applications (SPA) and RESTful API’s.
  • Proficiency in one or more programming languages.
  • Decision-Making Ability – Our engineers make sound, justifiable, customer-first decisions to determine which security issues to raise to software engineers/leaders and support work prioritization decisions.
  • Strong Communication – Our engineers relate complex technical concepts to non-technical audiences and technical audiences without a security background. Additionally, the Digital team spans the globe, and our engineers must collaborate effectively with engineers from a number of locations and cultural backgrounds.
  • Active Participation – Software engineering is not a “spectator sport”. The input and experience our engineers bring to the table are valued and should be shared freely. Similarly, engineers are relied upon to complete complex assignments at a high level of quality with limited supervision.
  • Role requires strong communication with leadership and managers.
  • Desired: Professional certifications in either cybersecurity or software engineering, such as: Associate or Professional-level certifications from a major cloud provider (AWS, Azure, GCP, or Salesforce), CompTIA Security+, Cloud+, etc., ISC2 Certified Software Lifecycle Professional (CSLP)
  • Background in problem identification, root cause analysis, and process improvement.
  • Excellent writing abilities and experience writing technical analysis and reports for consumption by software engineers, architects, and managers.
  • Experience as a software or security engineer as an employee or contractor of a Fortune 500 company.
  • Experience as a software or security engineer on eCommerce, device telematics, data analytics, or mobile applications.


Why should you choose Epitec?

We started Epitec with a single focus, “Placing People First.” Knowing every good endeavor begins with listening and understanding, we’ve set about challenging every part of the employment process. Bringing the proper connections together for the perfect fit.


How is Epitec different?

Epitec gets to know our prospective employees, using these insights to locate the perfect placement for you. We are there, every step of the way. Providing a best-in-class compensation package combined with the opportunity to grow financially and personally through your work.


What is the result?

Epitec represents the world’s top companies and works to fill their open jobs with the world’s best talent. That’s led to Epitec servicing an impressive list of Fortune 100 companies. We've also won many awards, including one of Crain’s Detroit Business “Cool Places to Work,” and 101 Best & Brightest – local, national and elite winner. And that’s just the beginning, as we work to innovate the way the world thinks about employment.

  • 职位级别

    中高级
  • 职位性质

    全职
  • 职能类别

    信息技术
  • 所属行业

    建筑业

找人内推,获得EPITEC面试的机会可以提高 2 倍

找找认识的领英会员
新职位发布时接收通知。

相似职位

看过本页的会员还看了

相似搜索

查看协作文章

我们将以全新的方式解锁社区知识。专家直接在借助人工智能撰写的文章中添加见解。

查看更多