CenterPoint Energy, Inc.
Senior Application Security Engineer
CenterPoint Energy, Inc., Houston, Texas, United States, 77246
CenterPoint Energy and its predecessor companies have been in business for more than 150 years.Our Vision:
Our vision is to become the most admired utility in the United States through the execution of our long-term growth strategy. We have an unwavering commitment to safely and reliably deliver electricity and natural gas to millions of people.Our Commitment:
CenterPoint Energy is committed to creating an inclusive work environment where business results are achieved through the skills, abilities and talents of our diverse workforce.We are seeking a highly skilled and experienced Senior Application Security Engineer to join our Application Security team. The successful candidate will be responsible for ensuring the security of our software applications by identifying, preventing, and mitigating security vulnerabilities and threats. This role involves working closely with development teams to integrate security practices into the software development lifecycle and ensuring compliance with industry standards.Essential Functions
Develop, configure, and implement tooling to support AppSec processes including SAST, DAST, and SCA, in partnership with development teams.Configure application security tools for common use-cases that embed security into CI/CD pipelines for applications.Work with development teams to maintain security tooling configurations and keep tooling, thresholds, and gating up to date.Establish and maintain application security standards and guidelines for developers.Evaluate application architectures for security-related concerns.Champion and enable security-related activities in the software engineering process (e.g., threat modeling, secure coding practices).Assess infrastructure, web, and application environments to help identify and prioritize risks and vulnerabilities.Manage vulnerability backlog, partnering with development teams to ensure issues are addressed in accordance with SLAs.Perform and/or facilitate external audits of cloud architecture specific to security.Perform internal pen-tests on web applications and infrastructure.Education Description
Bachelor's degree in Computer Science, Information Technology, or a related field.Experience
Minimum of 5 years of experience in application security or a related field.Strong understanding of application security principles and practices.Experience with security tools such as SAST, DAST, and SCA, preferably Checkmarx One or Invicti.Knowledge of cloud infrastructure security standards.Excellent problem-solving and analytical skills.Strong communication and collaboration skills.Preferred Qualifications:Relevant certifications such as CISSP, CEH, or OSCP.Familiarity with regulatory requirements and industry standards (e.g., ISO 27001, NIST).Familiarity with Google Cloud Platform and Power BI.What we bring to you
Competitive payPaid trainingBenefits eligibility begins on your first dayFlexible work schedule, paid holidays and paid time offAccess to discounts at fitness clubs and an on-site wellness center at our headquarters in HoustonProfessional growth and development programs including tuition reimbursement401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contributionJob Type:
Full TimePosting Start Date:
10/25/2024Posting End Date:
11/08/2024
#J-18808-Ljbffr
Our vision is to become the most admired utility in the United States through the execution of our long-term growth strategy. We have an unwavering commitment to safely and reliably deliver electricity and natural gas to millions of people.Our Commitment:
CenterPoint Energy is committed to creating an inclusive work environment where business results are achieved through the skills, abilities and talents of our diverse workforce.We are seeking a highly skilled and experienced Senior Application Security Engineer to join our Application Security team. The successful candidate will be responsible for ensuring the security of our software applications by identifying, preventing, and mitigating security vulnerabilities and threats. This role involves working closely with development teams to integrate security practices into the software development lifecycle and ensuring compliance with industry standards.Essential Functions
Develop, configure, and implement tooling to support AppSec processes including SAST, DAST, and SCA, in partnership with development teams.Configure application security tools for common use-cases that embed security into CI/CD pipelines for applications.Work with development teams to maintain security tooling configurations and keep tooling, thresholds, and gating up to date.Establish and maintain application security standards and guidelines for developers.Evaluate application architectures for security-related concerns.Champion and enable security-related activities in the software engineering process (e.g., threat modeling, secure coding practices).Assess infrastructure, web, and application environments to help identify and prioritize risks and vulnerabilities.Manage vulnerability backlog, partnering with development teams to ensure issues are addressed in accordance with SLAs.Perform and/or facilitate external audits of cloud architecture specific to security.Perform internal pen-tests on web applications and infrastructure.Education Description
Bachelor's degree in Computer Science, Information Technology, or a related field.Experience
Minimum of 5 years of experience in application security or a related field.Strong understanding of application security principles and practices.Experience with security tools such as SAST, DAST, and SCA, preferably Checkmarx One or Invicti.Knowledge of cloud infrastructure security standards.Excellent problem-solving and analytical skills.Strong communication and collaboration skills.Preferred Qualifications:Relevant certifications such as CISSP, CEH, or OSCP.Familiarity with regulatory requirements and industry standards (e.g., ISO 27001, NIST).Familiarity with Google Cloud Platform and Power BI.What we bring to you
Competitive payPaid trainingBenefits eligibility begins on your first dayFlexible work schedule, paid holidays and paid time offAccess to discounts at fitness clubs and an on-site wellness center at our headquarters in HoustonProfessional growth and development programs including tuition reimbursement401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contributionJob Type:
Full TimePosting Start Date:
10/25/2024Posting End Date:
11/08/2024
#J-18808-Ljbffr