Jobs · Information Technology · Maryland

Application Security Engineer

Tential Solutions · Rockville, MD · 1 wk ago
Information TechnologyContract

Job Responsibilities

  • Perform security assessments and manual penetration testing using tools such as Burp Suite and other proxy tools.
  • Triage static (SAST), dynamic (DAST), interactive (IAST) analysis results to identify, prioritize and remediate security vulnerabilities.
  • Integrate security practices into C/CD pipeline to support DevSecOps initiative.
  • Maintain documentation of security findings, remediation plans, and compliance requirements.
  • Develop and interpret security policies and procedures.
  • Participate in security compliance efforts.
  • Develop and deliver training materials and perform general security awareness and specific security technology training.
  • Evaluate and recommend new and emerging security products and technologies.
  • Leverage GenAI technologies to scale application security reviews and automate code analysis.
  • Evaluate various application security tools/capabilities i.e., SAST, DAST, IaC, Secrets detection tools.
  • Stay current with emerging security threats and countermeasures.
  • Able to train or explain the common security issues to raise the security awareness among developers and assurance engineers.
  • Perform AWS configuration reviews.

Qualifications

  • Bachelor's degree in a technical field such as computer science, computer engineering or related field required.
  • 5+ years of experience required in Cyber security and application security.
  • Familiarity with SAST, DAST, IAST tools.
  • Understanding of AWS is required.
  • Deep understanding of OWASP top issues and remediation guidelines.
  • Proficiency in one or more programming language (Java, Python, JavaScript is preferred).
  • Understanding of CI/CD tools such as Jenkins and GITLAB.
  • Familiarity with GenAI tools is a plus.
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
  • Candidates with software development background is a plus.
  • Consistent implementation of security solutions.
  • Experience in infrastructure or application-level vulnerability testing and auditing.
  • Certifications like GWAPT, OSWE, Burp Suite Certified Practitioner are good to have.

Similar jobs

Application Security Engineer

Booz Allen HamiltonUtah, United States· 1 wk ago
Information Technology$87k–$198k/yrapply on careers.boozallen.com