Lead Cybersecurity Application Security Engineer
KellyMitchell matches the best IT and business talent with premier organizations nationwide. Our clients, ranging from Fortune 500 corporations to rapidly growing high-tech companies, are exceptionally served by our 1500+ IT and business consultants. Our industry is growing rapidly, and now is a great time to launch your career with the KellyMitchell team.
Job Title: Lead Cybersecurity Application Security Engineer
Job Description & Responsibilities
- The ideal candidate will have business acumen, a sound understanding of the Cybersecurity with the ability to think, operate and balance priorities in extreme dimensions strategic and tactical, long-term and near-term.
- The Engineer will provide technical leadership for Application Security Product domain and must be able to solve complex security problems.
- This individual will be expected to work closely with Cybersecurity and Enterprise Architects to build strategy and champion Application Security products and services.
- This is an excellent opportunity for someone who is a self-starter, team player, loves to solve problems and enable secure business practices.
- The candidate will help the team build tools and products to help developers succeed with security, some of which include:
- Enhance and maintain CI/CD integration with IAST solution.
- Review, assess and maintain secure coding training program through custom web forms, API integrations.
- Build and maintain system to measure and report on KPIs of edge protection products (WAF, DDoS protection, et al).
- Support and maintain high availability of integrations and systems.
Skills, Experiences, Knowledge
- Bachelor’s Degree or work experience in Computer Science, Engineering, or related field.
- 5+ years work experience programming in Java and Python, including building integration with APIs, using Linux, and explaining how to use, share and maintain these products through effective documentation.
- 2+ years in application security, experience working output from SAST, DAST, and IAST solutions, including in-depth experience exploiting, mitigating and explaining OWASP Top 10 vulnerabilities.
- Experience building CI/CD pipelines and building plugins, including experience with Java, Groovy and Python.
- Experience supporting and maintaining high availability systems using a DevOps mentality ("you build it, you support it").
- Experience with security technologies such as Web Application Firewalls, Code Analysis Tools, Bot Mitigation, etc.
- Experience deploying apps on application platform such as PCF or Kubernetes. Strong problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.