Application Security Engineer (AppSec)

Remote Full-time

Titile: Application Security Engineer Location: Remote Job Description: We are seeking a skilled Application Security Engineer (AppSec) with expertise in Secure Software Development Life Cycle (SSDLC) and DevSecOps practices to join our team. The ideal candidate will have a strong background and practical experience in the planning, implementation and standardization of S-SDL practices including secure coding standards, SAST, DAST, automated testing (CI/CD) for our product application teams and preferably possess knowledge of Synopsys Black Duck Software Composition Analysis (SCA) and related technologies. Responsibilities: 1. Provide guidance, technical and procedural knowledge as to implement and maintain Secure Software Development Life Cycle (SSDLC) processes throughout the software development lifecycle. Provide guidance and support to development teams on secure coding practices and security best practices. 2. Collaborate with product development teams to standardize integrated security functions into DevOps practices (DevSecOps) and CI/CD pipelines. 3. Conduct security assessments, code reviews, and penetration testing to identify and remediate security vulnerabilities. 4. Assist in the development and implementation of security controls and measures to protect applications and data by identifying and addressing code vulnerabilities and deficiencies via CI/CD. 6. Utilize tools such as Black Duck SCA to create Software Bill of Materials (SBOM) to identify and manage open-source software components, dependencies & vulnerability attributions and priorities. 7. Stay updated on industry trends, emerging threats, and best practices in application security and secure-coding methodologies. Requirements: 1. Bachelor's degree in Computer Science, Information Security, or related field. 2. Proven experience in application security, with a focus on secure software development practices. 3. Strong understanding of Secure Software Development Life Cycle (SSDLC) principles and methodologies. 4. Experience with DevSecOps practices within an enterprise context and integrating security into CI/CD pipelines. 5. Ability to engage and work closely with other technical and non-technical team members to align on plans and expected outcomes. 5. Knowledge of common application security vulnerabilities and attack vectors. 6. Familiarity with tools such as Synopsys Black Duck SCA, Open-Source Security & generating Software Bill of Materials (SBOM) is a plus. 7. Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams. 8. Relevant certifications such as Certified Information Systems Security Professional (CISSP) or specific Application Security disciplines such as C|ASE or W|AHS a plus. Apply tot his job

Apply Now →

Experienced Remote Data Entry Clerk – Full-Time and Part-Time Opportunities for Detail-Oriented Professionals in Data Management and Administration

Remote Full-time

Experienced Entry Level arenaflex Remote Data Entry Specialist – Technology and Detail-Oriented Data Management Professional

Remote Full-time

Experienced Remote Licensed Psychiatric and Family Nurse Practitioner – Delivering Holistic Patient Care through Virtual Technology Platforms

Remote Full-time

Experienced Data Entry Specialist – Flexible Remote Work Opportunity at blithequark

Remote Full-time

Experienced Part-Time Data Entry Clerk – Remote Work Opportunity for Detail-Oriented Individuals with Strong Typing Skills

Remote Full-time

Experienced Remote Live Chat Associate – Customer Service & Financial Solutions Expert

Remote Full-time

← Back to Home

Application Security Engineer (AppSec)

Similar Jobs

[Remote] Associate Solution Consultant – Tech Alliances

Application Architect

Application Architect - AWS /Fixed Term Contract/

Epic Applications Architect – Revenue Cycle, Patient Flow

Manager, Application Security

Developer (Application Security Engineer)