Application Security Engineer

Our partner, Four Winds Interactive, is actively seeking an Application Security Engineer to help them implement and maintain best security practices in our SDLC, which includes, but is not limited to, “Privacy by Design” principles, SD3+C methodologies, threat modeling, auditing, security awareness training for engineering, and application vulnerability scanning. This is an incredible opportunity for someone with a strong background in application security principles to join a growing security team at FWI. An ideal candidate will have a background in Engineering/Development, be an excellent collaborator and a leader, and want to make a large impact in a global organization.

Responsibilities:

  • Facilitate our secure SDLC which includes AVS scanning, SD3+C, and PD3+C methodologies, etc.
  • Perform risk assessment of third-party software libraries and open-source software.
  • Participate in cross-functional team meetings on security design and implementation.
  • Perform threat modeling using DREAD and STRIDE.
  • Ensure that software security complies with security frameworks, contractual commitments, and industry best practices.
  • Own and perform application security vulnerability management using both static and dynamic scanning.
  • Create and maintain documentation related to application security and processes.
  • Develop detailed vulnerability reports for application owners and management teams.
  • Collaborate with Product and Development on vulnerability remediation timelines.
  • Determine validity of vulnerability findings from scanning tools and third-parties.
  • Facilitate secure coding training for Software Engineers.
  • Author and maintain security whitepapers for FWI products and services.

Qualifications:

  • 3-5 years of experience performing network and application security testing preferred.
  • Experience in software engineering working in .NET, JavaScript, React, HTML, AWS, Azure, Micro Services, and AWS-based lambda.
  • 2+ years working on security principles in software engineering with expert knowledge in Open Web Application Security Project (OWASP) security principles.
  • Working knowledge of software and configuration vulnerabilities.
  • Experienced in Network, Web, and Mobile device vulnerabilities.
  • Familiarity with application and endpoint vulnerability scanners.
  • Excellent organizational, analytical, verbal, and written communication skills are essential.
  • Strong customer service skills to participate in application security discussions.
  • Ability to run a variety of projects simultaneously and willingness to learn new tools and security testing methodologies in a team-oriented environment.
  • Familiarity with common security libraries, security controls, and common security flaws.