Application Security Engineer
D&H Distributing · Harrisburg, PA · 1 mo ago
Information TechnologyFull-time
About the role
Cybersecurity Architects at D&H are responsible for ensuring that systems, services, applications, and infrastructure operate reliably and securely. They must stay updated with the latest security standards, systems, and authentication protocols, as well as best practice security products.
Responsibilities
- Familiarity with the secure SDLC
- Proficiency in at least one programming language
- Experience conducting code reviews from a cybersecurity perspective
- Familiarity with the OWASP Top 10 (e.g., XSS, CSRF, etc.)
- Experience with OAUTH and ADFS
- Experience conducting security assessments, including assessing the security of third-party vendors
- Stay up to date on the latest security and industry trends including their compliance requirements
- Maintain knowledge of cybersecurity frameworks such as NIST and CIS and other security technology by attending workshops and reviewing publications
- Oversee the security controls for the company with minimal oversight
- Design and implement new security technologies with minimal oversight
- Provide training to other members of the team with minimal oversight
- Maintain complex project tasks and interface with various teams with minimal oversight
- Provide thoughts on and assist in developing new features to be added to the SIEM with oversight
- Identify and design new security policies for the organization with oversight
- Aid in maintaining PCI compliance of the organization with oversight
- Aid in the design and implementation of a vulnerability management program with oversight
- Aid in the design, implementation, and enhancement of the security awareness program with oversight
- Effectively deal with rapid change in a positive manner
- Assist in process improvements to enhance the efficiency of current operational procedures
- Coordinate relations with and serve as a liaison between business and IT staff
- Aid in developing short-term and long-term department goals which support long-term strategic goals
- Ensure the coordination and communication of production changes
- Participate in all company/location driven communication efforts, including huddles, department meetings, and other related efforts
- Maintain a positive and professional working relationship with peers, management, support resources, and the community with a constant commitment to teamwork and exemplary customer service to present a professional image of D&H Distributing
- Perform all other duties as assigned by management in a professional and efficient manner
Requirements
- Associates degree in Cybersecurity or similar area of study required or equivalent years of related work experience
- Bachelor’s degree in Cybersecurity or similar area of study preferred
- At least 3-5 years of experience in cybersecurity with application security preferred
- Industry certifications (CSSLP, CASE, CEH, Security+, CISSP, GWEB, CCNA Security or similar) preferred
- Scripting experience in PowerShell, Python or Perl preferred
Qualifications
- Proficiency in web development, .NET, and/or Java
Skills
- Proficiency in at least one programming language
- Experience conducting code reviews from a cybersecurity perspective
- Experience conducting security assessments, including assessing the security of third-party vendors
- Experience with OAUTH and ADFS
- Experience with API security best practices
- Experience with the OWASP Top 10 (e.g., XSS, CSRF, etc.)
- Knowledge of cybersecurity frameworks such as NIST and CIS and other security technology
Benefits
- Employee Stock Ownership Plan
- 401k
- Paid Time Off
- Medical, Prescription, Dental and Vision benefits
- Gym Reimbursement
- Work from Home Reimbursement
- Employee Purchase Program
- Tuition Assistance
- Many other perks and benefits