Career Opportunities

InfoArmor is an Equal Opportunity Employer.

Application Security Professional

Timing: Full-time
Location: Scottsdale, AZ

Description

The Application Security Engineer will report to the Director of Security Engineering and will work closely with the software development team to assist in security requirements, threat modeling, web application security penetration testing and provide secure SDLC guidance. 

Primary Responsibilities
      • Draft application security policies and standards that can be leveraged in the secure development of products and services.
      • Educate engineering employees on secure coding and development best practices.
      • Assist in tools identification, onboarding and/or tools development to assist developers in the secure development of applications.
      • Configure, run and monitor automated security testing tools
      • Conduct manual security testing of web applications and supporting environments
      • Help develop secure code requirements
      • Assist in code review and testing
      • Assist in meeting organizations compliance requirements as well as providing compliance artifacts
      • Build process and technology to streamline the reporting and prioritization of identified weaknesses.
Skills and Experience
      • Bachelor’s degree in computer science, information systems, computer engineering, or a related discipline preferred
      • 3+ years of experience working in application security, and/or secure software development (both a detailed technical knowledge and hands-on practice)
      • Penetration Testing or Systems Security Engineer experience (at least 2 years)
      • Expert knowledge and implementation of secure application architectures, encryption technologies, cryptography and key management, and authentication and control of application permissions
      • Direct experience with secure application development and application security risk mitigation techniques
      • Knowledge of the common application layer vulnerabilities and the ability to explain these risks to developers
      • Knowledge of tiered application architectures, web applications, APIs and mobile applications
      • Experience securing platform web APIs
      • Experience with one or more general purpose programming languages including but not limited to: Java, React, PHP , Python and JavaScript.
      • Versed with recent versions of the OWASP Top Ten for web application security
      • Detailed understanding of and experience with web application deployments supporting e-commerce always available service.
      • Experience working in DevOps, continuous integration and Agile, including design of security solutions, including creating artifacts, models, and strategy presentations
      • Active professional security certifications (e.g., CISSP and, GIAC - GWAPT or GPEN, Offensive Security Web Expert (OSWE) or other similar industry qualification)
      • Strong written and verbal communication skills
      • Experience working in a dynamic organization, achieving goals through partnership and collaboration

 

InfoArmor is an Equal Opportunity Employer.

Apply for this position!