Lamwork
Application Security Engineer
Lamwork, Santa Clara, California, us, 95053
APPLICATION SECURITY ENGINEER RESUME EXAMPLEUpdated: July 26, 2024 - The Application Security Engineer plays a crucial role in ensuring the resilience and scalability of web applications, advising on secure design principles, and addressing security issues. Responsibilities include validating, tracking, and prioritizing security issues, developing internal security tools, and participating in security incident response. Additionally, they contribute to security compliance efforts, evaluate new security technologies, and promote a culture of security awareness across development teams.Application Security Engineer Positions
1. Application Security Engineer, Intel Corporation, Santa Clara, CA
Job Summary:Define, plan and oversee security initiatives and processesLead, motivate, and inspire both your fellow Engineering Organization to drive toward the SecOps visionTriage security issues found and allocate to the right functions to address themBuild and manage tooling to improve our securityImplement security fixes on both infrastructure and applicationsBuild and manage strong relationships with Product and Engineering leaders across the organizationBuild awareness and support for security to integrate SecOps into the cultural fabric of the organizationCollaborate with peers to creatively solve problems and drive department-wide objectivesWork closely with the InfoSec team to support internal and external security audits, penetration testing, and certification processesStay up-to-date on current software development technologies and security controlsEmbrace a culture of continuous service improvement and service excellenceCollaborate with engineering teams to provide feedback on products and development environments.2. Application Security Engineer, Dropbox, San Francisco, CA
Job Summary:Partner with engineering and product teams in the design phase of products and featuresPerform threat modeling and security architecture and design reviewsConduct ongoing network and application penetration testingTrack vulnerabilities and partner with engineering and product to remediate vulnerabilities according to Mosaic policiesLead security projects including the implementation and configuration of security tools and automation for ongoing testingDeliver security training to internal development teamsEvaluate data management, data quality, and data access processes for gaps, inefficiencies, and opportunitiesWork and remediate bugs with affected application and infrastructure teamsAdvise and consult internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigationMentor developers on evolving threats to their applications and help ensure state-of-the-art secure development practices are being usedPerform code reviews of security-critical codeResearch and analyze potential new threats, attack vectors, and risks and identify mitigation efforts3. Application Security Engineer, Stripe, San Francisco, CA
Job Summary:Conduct application security reviews for our services and applicationsPerform penetration testing for critical services and applicationsPerform security code reviews for critical changes during the development phaseDeliver security training and outreach to internal development teamsDevelop security best practices documentation for internal security applicationsDevelop automation to streamline common tasks, tests, workflows, etc.Train and mentor DevOps and Developer teams on application security best practicesActively promote security culture and education within the organizationBuild tools to automate security checks across products and IT workflowsPerform security testing for new and existing features across web, mobile, and desktop productsEnumerate security risks and controls to mitigate themResearch new technologies and present security best practices to product teamsGuide teams on adoption and execution of a Secure Product Life Cycle4. Application Security Engineer, McAfee, Santa Clara, CA
Job Summary:Participate in building better, more robust, and automated processes for the Technology Services departmentOccasionally serve as Tier 2 support for security tools support and troubleshootingBecome a subject matter expert on company systems to enhance and mature the capabilities that the Information Security team has in the environmentFront line support for the Information Security intake processParticipate in providing best-in-class security recommendations in conjunction with Security ArchitectureRisk ranking information security risks and triaging tasksParticipate in the Company's project life cycle business process for escalation to security architectureParticipate in the Company's Security program vulnerability management programSecurity tool evaluation, recommendation, and maintenanceDevelop and optimize the security tools used throughout the platform infrastructure and contribute to the overall security strategy across the organization5. Application Security Engineer, Zoom Video Communications, San Jose, CA
Job Summary:Help build robust and scalable web applicationsAdvise on the secure design of applications and services and participate in threat modelingValidate, track, and prioritize security issuesDesign and build internal security tools that help fix security problemsParticipate in security incident response and help improve SIEM toolsProvide subject matter expertise on cloud security, application-level security controls, and safe programming practicesPromote security knowledge across development teams and inspire security championsIdentify security issues and risks, and develop mitigation plansDesign, implement, support, and evaluate security-focused tools and services including project leadershipDevelop and interpret security policies and proceduresParticipate in security compliance effortsDevelop and deliver recommended new and emergency security products and technologies6. Application Security Engineer, VMware, Palo Alto, CA
Job Summary:Architect, design, and implement security controls for maintaining a secure ecosystem built in alignment with a zero-trust architectureStay current with solutions in the market, recommend improvements and solutions to existing postureAssist with the documentation and maintenance of designs for security systems and controlsAssist in incident response, breach analysis, and tabletop exercisesWork closely with product development, platform, and IT teams on various architectural and design aspects of product and internal securityMaintain strong knowledge of ongoing security threats and recommended best practicesConduct security readiness assessments, application pen tests, and analysis of findingsCollaborate with compliance and technology teams to build actionable functional and technical requirementsBe responsible for the development of documentation (written and video) for AppSec products used within the organizationWork with teams to identify and close gaps in application security applications and their productsHelp to establish and communicate best practices involving implementation of technologies and AppSec solutionsWork with multiple diverse teams spread throughout the world7. Application Security Engineer, Slack Technologies, San Francisco, CA
Job Summary:Work with the security team to ensure the security of in-house developed applications and COTS systemsPerform analysis, investigation, and remediation of applications and systems partnering with vendorsEnsure superior OS hardening and other security configuration best practicesProvide security assistance to the security and infrastructure team on projects and system architecturePerform behavioral analysis and review of application logs, alerts, and other security information to detect potentially malicious eventsManage InfoSec development, testing, and QA functions to ensure that projects are securely delivered and fulfill security requirementsEvaluate, test, and recommend new application and coding security techniques and strategiesEvaluate and recommend new and emerging security products and technologiesOversee the code vulnerability scans and applications patching processReview vendor or third-party security processesReview and recommend Cloud and SaaS solutions from an API security perspective8. Application Security Engineer, Citrix Systems, Fort Lauderdale, FL
Job Summary:Participate in security design discussions, providing technical engineering and operational guidance to developers and internal customersComplete review and improvements for security standards, preferred implementation patterns, secure common frameworks, and developer documentation and education materialsProvide advice on recommended remediations and educate developers on how to build more secure softwareIdentify emerging trends in the industry and establish strategic guidance related to best practice approaches to address those trendsDefine and embed technical security policies, principles, and standardsUse code analysis solutions to evolve the secure-by-design principleDevelop, maintain, and automate security tools for secure SDLC, including ongoing developer trainingMaintain good practices around code repos (like Git), identifying and remediating weaknesses in Open Source librariesProvide advice to development teams on all aspects of security within the development lifecycleProactively identify vulnerabilities, provide solutions, and drive remediationWork closely with platform teams to build centralized security reporting dashboardsAutomate the identification and remediation of security issues across Cloud services9. Application Security Engineer, Dell Technologies, Round Rock, TX
Job Summary:Develop relationships across internal product, engineering, and technical organizationsStay up to date with the latest vulnerabilities, exploits, security trends, and general changes in technology to provide guidance on how these affect the security of businessThreat modeling, architecture, and design reviews on services and applications as requiredHelp other departments to build security into their workflowMentor and cross-train other Security Engineers across the divisionEvaluate and promote new and existing security standards, solutions, and toolsImplement technical solutions in line with the cybersecurity strategic plansAnalyze threats and vulnerabilities to determine security impactAssess the security of core platform infrastructureBuild technologies to detect and prevent security vulnerabilitiesHelp development teams build security into the Workday platform by performing threat modeling, architecture reviews, and code reviewsProvide recommendations for hardening applications and environments10. Application Security Engineer, Atlassian, Mountain View, CA
Job Summary:Facilitate efforts in Engineering Teams to perform and maintain threat models and provide coaching and guidance to EngineersUse knowledge of common risks and vulnerabilities to guide Engineering teams in building productsUse and maintain security tooling and processes, such as DAST/SAST tools and vulnerability reportingDeploy and automate AWS security features such as IAM rules, AWS Config, roles, etc.Confirm vulnerabilities in reports such as responsible disclosuresPromote and champion a culture of Application Security among teamsFacilitate and participate in incident response effortsRecord and communicate vulnerability findings and keep records up to dateWork with application development teams to provide guidance on best practices for secure application development across a variety of languages and frameworksTriage incoming bug reports from the information security team and the security research community11. Application Security Engineer, DocuSign, San Francisco, CA
Job Summary:Partner with software engineers, DBAs, and QA engineers to ensure adequate security processes and tools are in placeMitigate identified risks to an acceptable level to meet business objectives and regulatory requirementsProvide security advice to development and testing teamsProvide expert-level guidance during internal and external application security assessmentsIdentify, recreate, and remediate security defectsProvide training for development and QA teams on implementing security into their existing practicesHelp to develop a security mindset among the engineering teamsImplement and execute an application-level threat modeling program for the enterprisePrioritize and track security issues and work with necessary teams to ensure remediationServe as a leader by promoting security awareness and mentoring team members
#J-18808-Ljbffr
1. Application Security Engineer, Intel Corporation, Santa Clara, CA
Job Summary:Define, plan and oversee security initiatives and processesLead, motivate, and inspire both your fellow Engineering Organization to drive toward the SecOps visionTriage security issues found and allocate to the right functions to address themBuild and manage tooling to improve our securityImplement security fixes on both infrastructure and applicationsBuild and manage strong relationships with Product and Engineering leaders across the organizationBuild awareness and support for security to integrate SecOps into the cultural fabric of the organizationCollaborate with peers to creatively solve problems and drive department-wide objectivesWork closely with the InfoSec team to support internal and external security audits, penetration testing, and certification processesStay up-to-date on current software development technologies and security controlsEmbrace a culture of continuous service improvement and service excellenceCollaborate with engineering teams to provide feedback on products and development environments.2. Application Security Engineer, Dropbox, San Francisco, CA
Job Summary:Partner with engineering and product teams in the design phase of products and featuresPerform threat modeling and security architecture and design reviewsConduct ongoing network and application penetration testingTrack vulnerabilities and partner with engineering and product to remediate vulnerabilities according to Mosaic policiesLead security projects including the implementation and configuration of security tools and automation for ongoing testingDeliver security training to internal development teamsEvaluate data management, data quality, and data access processes for gaps, inefficiencies, and opportunitiesWork and remediate bugs with affected application and infrastructure teamsAdvise and consult internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigationMentor developers on evolving threats to their applications and help ensure state-of-the-art secure development practices are being usedPerform code reviews of security-critical codeResearch and analyze potential new threats, attack vectors, and risks and identify mitigation efforts3. Application Security Engineer, Stripe, San Francisco, CA
Job Summary:Conduct application security reviews for our services and applicationsPerform penetration testing for critical services and applicationsPerform security code reviews for critical changes during the development phaseDeliver security training and outreach to internal development teamsDevelop security best practices documentation for internal security applicationsDevelop automation to streamline common tasks, tests, workflows, etc.Train and mentor DevOps and Developer teams on application security best practicesActively promote security culture and education within the organizationBuild tools to automate security checks across products and IT workflowsPerform security testing for new and existing features across web, mobile, and desktop productsEnumerate security risks and controls to mitigate themResearch new technologies and present security best practices to product teamsGuide teams on adoption and execution of a Secure Product Life Cycle4. Application Security Engineer, McAfee, Santa Clara, CA
Job Summary:Participate in building better, more robust, and automated processes for the Technology Services departmentOccasionally serve as Tier 2 support for security tools support and troubleshootingBecome a subject matter expert on company systems to enhance and mature the capabilities that the Information Security team has in the environmentFront line support for the Information Security intake processParticipate in providing best-in-class security recommendations in conjunction with Security ArchitectureRisk ranking information security risks and triaging tasksParticipate in the Company's project life cycle business process for escalation to security architectureParticipate in the Company's Security program vulnerability management programSecurity tool evaluation, recommendation, and maintenanceDevelop and optimize the security tools used throughout the platform infrastructure and contribute to the overall security strategy across the organization5. Application Security Engineer, Zoom Video Communications, San Jose, CA
Job Summary:Help build robust and scalable web applicationsAdvise on the secure design of applications and services and participate in threat modelingValidate, track, and prioritize security issuesDesign and build internal security tools that help fix security problemsParticipate in security incident response and help improve SIEM toolsProvide subject matter expertise on cloud security, application-level security controls, and safe programming practicesPromote security knowledge across development teams and inspire security championsIdentify security issues and risks, and develop mitigation plansDesign, implement, support, and evaluate security-focused tools and services including project leadershipDevelop and interpret security policies and proceduresParticipate in security compliance effortsDevelop and deliver recommended new and emergency security products and technologies6. Application Security Engineer, VMware, Palo Alto, CA
Job Summary:Architect, design, and implement security controls for maintaining a secure ecosystem built in alignment with a zero-trust architectureStay current with solutions in the market, recommend improvements and solutions to existing postureAssist with the documentation and maintenance of designs for security systems and controlsAssist in incident response, breach analysis, and tabletop exercisesWork closely with product development, platform, and IT teams on various architectural and design aspects of product and internal securityMaintain strong knowledge of ongoing security threats and recommended best practicesConduct security readiness assessments, application pen tests, and analysis of findingsCollaborate with compliance and technology teams to build actionable functional and technical requirementsBe responsible for the development of documentation (written and video) for AppSec products used within the organizationWork with teams to identify and close gaps in application security applications and their productsHelp to establish and communicate best practices involving implementation of technologies and AppSec solutionsWork with multiple diverse teams spread throughout the world7. Application Security Engineer, Slack Technologies, San Francisco, CA
Job Summary:Work with the security team to ensure the security of in-house developed applications and COTS systemsPerform analysis, investigation, and remediation of applications and systems partnering with vendorsEnsure superior OS hardening and other security configuration best practicesProvide security assistance to the security and infrastructure team on projects and system architecturePerform behavioral analysis and review of application logs, alerts, and other security information to detect potentially malicious eventsManage InfoSec development, testing, and QA functions to ensure that projects are securely delivered and fulfill security requirementsEvaluate, test, and recommend new application and coding security techniques and strategiesEvaluate and recommend new and emerging security products and technologiesOversee the code vulnerability scans and applications patching processReview vendor or third-party security processesReview and recommend Cloud and SaaS solutions from an API security perspective8. Application Security Engineer, Citrix Systems, Fort Lauderdale, FL
Job Summary:Participate in security design discussions, providing technical engineering and operational guidance to developers and internal customersComplete review and improvements for security standards, preferred implementation patterns, secure common frameworks, and developer documentation and education materialsProvide advice on recommended remediations and educate developers on how to build more secure softwareIdentify emerging trends in the industry and establish strategic guidance related to best practice approaches to address those trendsDefine and embed technical security policies, principles, and standardsUse code analysis solutions to evolve the secure-by-design principleDevelop, maintain, and automate security tools for secure SDLC, including ongoing developer trainingMaintain good practices around code repos (like Git), identifying and remediating weaknesses in Open Source librariesProvide advice to development teams on all aspects of security within the development lifecycleProactively identify vulnerabilities, provide solutions, and drive remediationWork closely with platform teams to build centralized security reporting dashboardsAutomate the identification and remediation of security issues across Cloud services9. Application Security Engineer, Dell Technologies, Round Rock, TX
Job Summary:Develop relationships across internal product, engineering, and technical organizationsStay up to date with the latest vulnerabilities, exploits, security trends, and general changes in technology to provide guidance on how these affect the security of businessThreat modeling, architecture, and design reviews on services and applications as requiredHelp other departments to build security into their workflowMentor and cross-train other Security Engineers across the divisionEvaluate and promote new and existing security standards, solutions, and toolsImplement technical solutions in line with the cybersecurity strategic plansAnalyze threats and vulnerabilities to determine security impactAssess the security of core platform infrastructureBuild technologies to detect and prevent security vulnerabilitiesHelp development teams build security into the Workday platform by performing threat modeling, architecture reviews, and code reviewsProvide recommendations for hardening applications and environments10. Application Security Engineer, Atlassian, Mountain View, CA
Job Summary:Facilitate efforts in Engineering Teams to perform and maintain threat models and provide coaching and guidance to EngineersUse knowledge of common risks and vulnerabilities to guide Engineering teams in building productsUse and maintain security tooling and processes, such as DAST/SAST tools and vulnerability reportingDeploy and automate AWS security features such as IAM rules, AWS Config, roles, etc.Confirm vulnerabilities in reports such as responsible disclosuresPromote and champion a culture of Application Security among teamsFacilitate and participate in incident response effortsRecord and communicate vulnerability findings and keep records up to dateWork with application development teams to provide guidance on best practices for secure application development across a variety of languages and frameworksTriage incoming bug reports from the information security team and the security research community11. Application Security Engineer, DocuSign, San Francisco, CA
Job Summary:Partner with software engineers, DBAs, and QA engineers to ensure adequate security processes and tools are in placeMitigate identified risks to an acceptable level to meet business objectives and regulatory requirementsProvide security advice to development and testing teamsProvide expert-level guidance during internal and external application security assessmentsIdentify, recreate, and remediate security defectsProvide training for development and QA teams on implementing security into their existing practicesHelp to develop a security mindset among the engineering teamsImplement and execute an application-level threat modeling program for the enterprisePrioritize and track security issues and work with necessary teams to ensure remediationServe as a leader by promoting security awareness and mentoring team members
#J-18808-Ljbffr