Enable America Jobs

Job Description

As an Application Security Engineer, you will drive the security of our entire product suite. You will have the opportunity to partner with multiple product teams to champion secure coding practices and secure-by-design development principles.

RESPONSIBILITIES:

• Support application security reviews and threat modeling

• Perform application security vulnerability management

• Coordinate with product, engineering and other departments to support secure outcomes

• Assist in building out our product security knowledge base

• Identify opportunities for automation, partner with engineering and our security teams on implementing automation

• Improve secure coding practices, application security requirements, automation, training, and metrics

• Testing and acceptance of security fixes

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Skills and Requirements

• 7+ years in the Application Security space

• Familiarity with the OWASP Top 10

• Strong understanding of SAST and DAST technologies (preferably Veracode)

• Experience with BlackDuck

• Container/IaC tool exposure (preferably Snyk)

• Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools

• Ability to triage, reproduce, and recommend remediations for vulnerabilities

• Understanding of software security threats, exploits and prevention (SQL Injection, XSS, CSRF, platform hardening, etc.)

• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner - Experience with threat modeling

• Familiarity with the OWASP Application Security Verification Standard

• Experience with web application penetration testing

• Experience with containers

• Experience with Kubernetes

• Understanding of different compliance frameworks and their implications in building secure software

• Knowledge of one or more programming language null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.