Our client is seeking aSenior Application Security Engineer, to play a critical role in ensuring the security of applications and infrastructure for connected services. This role is responsible for designing, implementing, and maintaining security solutions to remediate identified vulnerabilities and involves active participation in application development.
Essential Functions:
- Engineers need to have strong development skills in Java, GoLang, AWS services, and possibly mobile application development.
- Hands-on development experience is crucial as this role requires active development involvement.
- Conduct security assessments on applications, including static and dynamic code analysis, to identify vulnerabilities. Provide detailed reports and artifacts, along with recommendations for remediations.
- Work collaboratively with multiple teams to remediate identified vulnerabilities and engineer solutions to meet security standards and guidelines.
- Assess and enhance the security posture of cloud-based environments, such as AWS.
- Respond to information system security incidents, including investigating, implementing countermeasures, and recovering from computer-based attacks, unauthorized access, and policy breaches. Coordinate with third-party incident responders, including law enforcement.
- Develop and maintain application security controls and countermeasures.
- Collaborate on security research activities, such as testing tools and assessing emerging threats that may impact cybersecurity.
Competencies:
- Strong problem-solving skills and ability to perform under pressure.
- Effective leadership, diplomatic negotiation, and motivational skills.
- Excellent communication skills, with the ability to articulate clearly, persuasively, and positively.
- Strong interpersonal skills, capable of effectively collaborating across all levels of an organization.
- Demonstrated accountability, self-motivation, and a collaborative approach within a small, cross-functional team.
- Ability to adapt quickly to new processes and technological changes.
Additional Skills (added):
- Proficiency with GitLab for version control and CI/CD pipelines.
- Experience with Datadog for monitoring and analytics.
- Familiarity with AWS security services and best practices.