Our client is looking to hire an Application Security Engineer to work in collaboration with the corporate application development teams. The position will be accountable for application security of corporate applications. You'll work with Application Development teams to identify application assets, data flows, threats, and required cyber security controls, as well as with Application Security Testers to measure the effectiveness of identified cyber security controls.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
*Bachelor's degree in Cyber Security (or) related degree and experience
*5-8 years of experience in Cyber Security
2+ years of experience in Agile and writing user stories
*2+ years of experience in Application Security and Threat Modeling, as well as application development or application secure code review
*Understanding of API and Web security vulnerabilities
*2+ years of experience using Octave or Stride
*Experience working within a DevSecOps environment
*Microsoft Shop experience - .net, ruby python, PHP, java production apps.
*Experience in security coding, source code management, and/or build and deployment technologies
*Experience with web application firewalls
*Familiarity with OWASP Top 10 API, Web, and Mobile Application Security Risks
*Familiarity with MITRE CWE Top 25 Most Dangerous Software Weaknesses
*CDP, CISSP, E, CDE or other relevant certifications
*Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, CIS, HiTrust, ISO 27001, NIST, etc.)
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.