Application Security Engineer

07 Mar 2025

Vacancy expired!

We are working with a long-term business partner that is looking for an Application Security Engineer to provide application security testing services that ensure consistent secure software development practices. This is a remote contract-to-hire opportunity; candidates must be located in one of the operating states: WA, OR, ID, CA, NV, AZ, CO, or UT. Our focus is on building a DevSecOps culture, working closely with our product and software development teams. In this role, you will serve as an expert by defining, supporting, and managing solutions that partner with cloud operations and application development teams to deliver business value.

Please note: no C2C, third party, or sponsorship for this role.

Must be located in one of the following states: WA, OR, ID, CA, NV, AZ, CO, or UT

Responsibilities:
  • Support continuous delivery of application vulnerability scanning, remediation, and reporting across various platforms and architectures
  • Manage application vulnerability scanning tools (DAST, SAST, and SCA) such as Veracode, SonarQube, and OWASP Dependency Checker
  • Onboard applications into SAST, DAST, and SCA scanning solutions
  • Tune false positives and validate findings with our application development teams
  • Provide education on security practices or methodologies to resolve vulnerabilities
  • Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities at scale
  • Partner with the application development function to support streamlined, automated, and effective CI/CD pipeline security testing
  • Drive a culture of DevSecOps, creating reporting and self-service capabilities to drive more ownership and accountability for security across functional teams

Requirements:
  • Working knowledge and experience with multiple security domains (e.g., application security, vulnerability reduction, data protection, encryption, logging and monitoring, network security)
  • Subject Matter Expert (SME) experience with the Secure Software Development Life Cycle (SSDLC) (e.g., risk assessments, threat modeling, static code analysis, code reviews, and dynamic application scanning)
  • Experience working with modern development practices (e.g., microservices, containers, orchestration, continuous integration and delivery pipelines)
  • Experience working in regulated industries leveraging information security management frameworks and industry-recognized best practices and standards (e.g., FFIEC CAT, NIST, ISO, and PCI)
  • Certifications a plus, i.e., CISSP, CCSP, CRISC, CISA

We are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

  • ID: #49421707
  • State: Oregon Portland 97212 Portland USA
  • City: Portland
  • Salary: US100000 - US120000 per annum
  • Job type: Contract
  • Showed: 2023-03-07
  • Deadline: 2023-05-05
  • Category: Et cetera