Application Security Engineer
The Application Security Engineer is responsible for serving as a key resource for static code analysis, remediation guidance, wiki administration, and Application Security vendor due diligence. This position reports to the Director of Application Security.
- Serve as a focal point for static code analysis interpretation and remediation guidance.
- Serve as the primary Application Security wiki administrator.
- Contribute to Application Security online resources and guidance.
- Champion Secure SDLC integration and adoption.
- Contribute to maturing process, policy, and standards guidance.
- Build solid working relationships with key application development stakeholders to maintain and improve application security process and tool adoption.
- Assist in the development of security tools, libraries, and SDK's.
- Research emerging technologies and maintain awareness of current security risks.
- Knowledge of security concepts for Internet technologies, architectures, and protocols.
- Knowledge of application security concepts.
- Experience mitigating a range of application vulnerabilities using code analysis tools.
- Knowledge of coding/scripting languages such as C#, C++, Java, SQL, VBScript, and ASP.
- Familiarity with cloud based security standards and frameworks.
- Knowledge of SDLC practices.
- Understanding of the bankcard industry desired.
- Bachelor’s Degree (CIS, CS, IS programs desired)
- Professional security certification desired (CISA, CISSP, etc.)
- Service focused
- Motivated self-starter
- Superb communicator