This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

Bringing you the hottest job offers in California

To post a job, login or create an account |  Post a Job


Senior Application Security Engineer


This is a Full-time position in Woodland Hills, CA posted June 10, 2021.

Rol Senior Application Security Engineer Work Location Woodland Hills, CA (Initially Remote) Duration Long Term Job Functions Serve as a primary technical security resource on all product development. Perform design reviews and technical security assessments to highlight risk and help engineering teams improve the overall security of our products. Design and implement security best practices and standards across varied engineering teams and environments. Implement and conduct code reviews with a combination of static testing, manual reviews, and dynamic analysis pen-testing. Conduct threat modelling, identify drive risk decisions, and influence technical designs and architectures. Engage with developers to provide remediation support. Perform security reviews of new services and features. Build tools to simplify and automate Vulnerability Management processes Providing engineering designs to mitigate security vulnerabilities in new software solutions. Design and implement tooling and automation for application security (e.g. SASTDAST in CICD) Performing regular security testing as well as code reviews for improving the software security Maintaining technical documentation related to software security. Ensuring software security at all levels of architecture Staying updated with latest tools and advanced industry practices for software security. Advocate for security culture and educate colleagues across all parts of UMG. Job Requirements Essential In-depth technical and foundational knowledge of software engineering, computer systems, security engineering, authentication, andor applied cryptography. Solid knowledge of all web technologies, especially web services, web applications, Service Oriented Architectures, and networkweb protocols Sound knowledge of all procedures, standards, and regulations for authorization and authentication, applied cryptography, and security vulnerabilities. Software engineering experience in all phases of the software development lifecycle. Strong experience in web security and federation protocols (SSLTLS, REST, OAuth, SAML, LDAP-S, SAML, WS-Federation, SCIM, OAuth, and OIDC, XSS, etc.) Experience working with AWS or other cloud environments (developmentarchitecture) Experience with cloud and web application security standards (OWASP ASVS, SANS 25, etc.) Understanding beyond the OWASP Top 10 by explaining the level of risk to the business. 5+ years of experience in software development in one or more of the following programming languages, .NET, Python, Java, JavaScript (NodeReact), andor Go Comfortable with tools like, BluBracket, NoName Api security, Burp Suite, OWASP ZAP, CheckMarx, Veracode, App Spider etc. A deep interest in knowing latest industry advancements in software security along with implementing them. An analytical mind with a problem-solving attitude Excellent organizational and communication skills Desirable A Bachelor’s degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity, Information Security, or a related technical field. 10+ years of hands-on technical experience. Experience in Docker, Terraform, Kubernetes. Experience working in an Agile development environment. Experience with regulatory requirements, and aligning security standards, frameworks, and corporate policy with overall business and technology strategy. Experience securing operating systems, networks, and low-level infrastructure. Experience with attacker tactics, techniques, and procedures, and corresponding mitigation methods. Plus Experience with automation tools like Ansible, Chef, Puppet, Jenkins Experience with automated application testing toolsframeworks e.g. Selenium, SonarQube Experience with Web Application Firewalls (WAF) Knowledge of ADAzure AD and Azure AD B2B B2C , Okta Multiple language skills Best Regards, Hemant Chouhan Recruitment Lead 2401 15th Street NW, Washington DC – 20009 USA (+1) 408-641-3278 Linkedin linkedin.cominhemant-chouhan-3b87b0a6 httpswww.linkedin.cominhemant-chouhan-3b87b0a6