Application Security Engineer - Remote

Description:Description: Summary: The main function of a Software Security Engineer is to assess software security by performing security testing, participate in code reviews and work in partnership with software development teams to ensure that appropriate software security controls have been designed and built within applications. Job Responsibilities: Perform software security testing at a unit, functional, and system wide level Perform manual and/or automated secure code reviews Lead threat modeling activities Assist development teams in designing, developing and implementing integrated software security solutions Conduct security risk analysis of business and technology projects Participate, as needed, in documenting software security standards, guidelines, policies and procedures Act as Software Security resource on assigned projects Creates reusable software security artifacts Develop and/or deliver software security focused training Qualifications: Bachelor's degree in Computer Engineering, Computer Science, Software Engineering or a related field8+ years experience Programming/development experience using C#, .NET or other applicable programming experience QA, test automation, and test design experience Experience performing automated and/or manual code reviews Experience in a group development environment as a software engineer or QA engineer or build/release engineer Experience with interpreting policies and appropriately applying them to projects Experience writing technology-specific best practices Additional Skills and Experience Required Skills 1. Application Security (AppSec) domain knowledge/experience, including ALL of the following: 1. Manual source code review 2. Experience analyzing DAST/SAST scan results (not just running the tools); Ideally with AppScan or Netsparker, and Checkmarx 3. Application penetration testing; ideally with BurpSuite 2. Solid Java Knowledge, and ideally at least historical Development Skills; e.g. a good understanding Core Java and ideally relevant frameworks (e.g. Spring, Hibernate, …). 3. Strong understanding of both Web Application and Web Service architectures, as well as associated protocols 4. Networking fundamentals (ideally security-centric) 5. Demonstrated history of making Security their career path through roles held and credentials obtained Highly Desirable Skills 1. Python Knowledge + Development Skills 2. Capture the Flag (CTF) / red team exercise experiences. 3. Web Application Firewall (WAF) knowledge/experience 4. AWS Development Skills (e.g. ideally not just AWS Console access, but API level exposures) OR solid AWS Security knowledge. 5. Relevant Credentials, such as (Masters in Cybersecurity, OSCP, CEH) 6. Any of the following additional credentials - (NTH but not required) - Microsoft 365 Security Administration - Microsoft Azure Security Technologies - Certified Cloud Security Professional (CCSP) - AWS Certified Solutions Architect - AWS Certified Security Specialty (Associate or Professional)Skills:AWS, BurpSuite, DAST, SAST, appscan, java, pythonTop Skills Details:AWS,BurpSuite,DAST,SASTAdditional Skills & Qualifications:100% Remote SQL injections / HTTP Request Cloud experience. FINRA is all AWS, but open to Azure or GCP experience as well Understanding of OWASP 10 - Understand the mechanicsExperience Level:Expert LevelAbout TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.We are an equal opportunity employers and will consider all applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. To view the EEO is the law poster click here. Applicants with disabilities that require an accommodation or assistance a position, please call 888-472-3411 or email mpowers@teksystems.com. This is a dedicated line designed exclusively to assist job seekers whose disability prevents them from being able to apply online. Messages left for other purposes will not receive a response.