Job Search Assistant

Application Security Engineer

RightTalents LLC • New York, NY 10261 • Posted 2 days ago via LinkedIn

Boost your interview chances in seconds

Tailored resume, cover letter, and cheat sheet

Hybrid • Full-time • Temporary • Contract • Senior Level

Job Highlights

Using AI ⚡ to summarize the original job post

The Application Security Engineer at RightTalents LLC will work with product development, management, engineering, and operational teams to develop security architectures supporting compliance, customer requirements, and operational SLAs. This role involves providing practical guidance to engineering teams, developing and implementing Secure Development Lifecycle processes, assisting in threat modeling, and identifying technical solutions to mitigate security vulnerabilities.

Responsibilities

Work with product development, management, engineering, and operational teams to develop best of breed security architectures.
Provide practical guidance to engineering teams to support the implementation of security controls, guidelines, recommendations, and best practices.
Develop and implement Secure Development Lifecycle (SDL) processes and tools, integration to CI/CD.
Assist engineering teams in performing Threat Modeling, identify application threats/vulnerabilities and recommend mitigation strategies.
Assist teams in identifying mitigation approaches for vulnerability and static/dynamic scan results.
Identify technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks.

Qualifications

Required

Strong understanding of application security and industry standards and best practices (OWASP / SANS / NIST).
Strong understanding of SDLC and Secure Development Lifecycle (SDL) including performing threat modeling and risk assessments.
Strong understanding of integration of security in CI/CD pipeline, DevOps, DevSecOPS.
Experience designing and implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation).
Must be a self-starter and able to work well with others in a fast-paced agile environment with an emphasis on collaborating and assisting the team to meet business objectives.

Preferred

3+ year experience in tools like SD Elements, Veracode, Tenable, Rapid7 or equivalent products.
Experience integrating tracking of issues with Service Now plus.
10 years of Information Technology experience
5 years of Application Development Experience
7+ years of security engineering experience
Bachelor’s degree in information security/systems or related experience
CISSP / CCSP certification

Full Job Description

Title: Application Security Engineer

Client: NYC Agency

Location: Manhattan, NY - Hybrid. 3days onsite / 2 days remote

Duration: 12 Months

Work Hours: 35 Hours/ week (7hrs a day)

Job description

Work with product development, management, engineering and operational teams to develop best of breed security architectures supporting compliance (e.g. NYC Privacy Law, NYC Citywide Security Policies, HIPAA, SHIELD Act), customer requirements and operational SLAs
Provide practical guidance to engineering teams to support the implementation of security controls, guidelines, recommendations and best practices
Develop and implement Secure Development Lifecycle (SDL) processes and (automated / devops) tools, integration to CI/CD
Assist engineering teams in performing Threat Modeling, identify application threats/vulnerabilities and recommend mitigation strategies
Assist teams in identifying mitigation approaches for of vulnerability and static/dynamic scan results
Identify technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks

Experience

Strong understanding of application security and industry standards and best practices (OWASP / SANS / NIST)
Strong understanding of SDLC and Secure Development Lifecycle (SDL) including performing threat modeling and risk assessments
Strong understanding of integration of security in CI/CD pipeline, DevOps, DevSecOPS
Experience designing and implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation)
Must be a self-starter and able to work well with others in a fast-paced agile environment with an emphasis on collaborating and assisting the team to meet business objectives

Qualifications:

3+ year experience in tools like SD Elements, Veracode, Tenable, Rapid7 or equivalent products.
Experience integrating tracking of issues with Service Now plus.
10 years of Information Technology experience
5 years of Application Development Experience
7+ years of security engineering experience
Bachelor’s degree in information security/systems or related experience
CISSP / CCSP certification a plus

Search for other jobs like this one:

Application Security Engineer jobs in New York, NY

Search for popular related roles:

System Security Engineer jobs in New York, NY Senior Security Engineer - Application Security jobs in New York, NY Lead Application Security Engineer jobs in New York, NY Applications Security Engineer jobs in New York, NY Apps and Frameworks Software Engineer - Security jobs in New York, NY Security Software Engineer, Systems Security jobs in New York, NY Application Security Specialist jobs in New York, NY Software Engineer (Information Security) jobs in New York, NY Security Software Engineer jobs in New York, NY Platform Security Engineer Manager jobs in New York, NY

Search nearby locations hiring for this role:

Use AI to boost your interview chances for free ✨

We'll create you a professional resume
We'll customize your resume for this job to maximize your interview odds
If you get the interview, we'll provide free interview support to help you get the job

"I got a job after 9 months of unemployment...I am so grateful for EarnBetter!"

-Dawn