Iem Power Systems Sacour Lemaire
Iem Power Systems Sacour Lemaire is hiring: APPLICATION SECURITY ENGINEER in Orl
Iem Power Systems Sacour Lemaire, Orlando, FL, United States
APPLICATION SECURITY ENGINEER - JACKSONVILLE, FL / FREMONT, CA Purpose of Position We are seeking a talented Application Security Engineer to join our dynamic team and play a crucial role in safeguarding our software products. The Application Security Engineer will be responsible for identifying and mitigating security vulnerabilities in our software applications throughout their lifecycle. This role involves collaborating closely with development teams to implement secure coding practices, conducting security assessments, and ensuring that our applications adhere to the highest security standards.
Essential Functions:
Collaborate with development teams to design and implement secure software architectures and coding practices.
Perform regular security assessments, including static and dynamic code analysis and penetration testing, to identify vulnerabilities and recommend remediation strategies.
Work with development teams to integrate secure coding practices and ensure that security is a fundamental aspect of the software development lifecycle.
Track, prioritize, and manage vulnerabilities discovered in applications, and work with stakeholders to resolve them promptly.
Collaborate with the incident response team to address security incidents, including analyzing and mitigating any impact on applications.
Evaluate, implement, and manage security tools and technologies that enhance application security.
Ensure applications comply with industry standards and regulations such as OWASP Top Ten, PCI-DSS, and GDPR.
Provide training and guidance to development teams on secure coding practices, application security threats, and best practices.
Maintain comprehensive documentation of security assessments, vulnerabilities, remediation efforts, and security policies.
Evaluate the security posture of third-party applications and integrations.
Automate security testing and vulnerability management processes.
Education and Experience:
Bachelor’s degree in Computer Science, Information Security, or a related field; advanced degree or relevant certifications (e.g., CISSP, CEH, OSCP, GSEC) preferred.
Minimum of 5 years of experience in application security or a related field, with a strong understanding of software development and security principles.
Strong understanding in secure coding practices, common security vulnerabilities (e.g., SQL injection, XSS), and experience with security tools.
Strong understanding of web application security concepts, including OWASP Top 10, SANS 25, and common vulnerabilities.
Strong problem-solving skills with the ability to analyze complex security issues and provide practical solutions.
Excellent communication skills with the ability to convey technical concepts to non-technical stakeholders.
Ability to work collaboratively with cross-functional teams.
Preferred Skills:
Experience with cloud security and securing cloud-based applications.
Knowledge of container security (e.g., Docker, Kubernetes).
Familiarity with DevSecOps practices and tools.
Familiarity with continuous integration and deployment (CI/CD) processes.
Knowledge of Agile development methodologies.
#J-18808-Ljbffr