Logo
Aloden, Inc.

Security Engineer - Application Security Job at Aloden, Inc. in Charlotte

Aloden, Inc., Charlotte, NC, United States


Security Engineer - Application Security , Only W2 (Citizen, GC, GC EAD and H4EAD) Locations: Charlotte, NC; Chandler, AZ; Westlake, TX (Hybrid - 3 days onsite, 2 days WFH) Duration: 12+ Months Contract Required Qualifications: Experience: 5+ years of Application Security Engineering experience, or equivalent demonstrated through a combination of work experience, training, military experience, or education 5+ years of troubleshooting experience in complex technical environments 2+ years of experience implementing technical solutions in a large enterprise (150K+ employees) 2+ years of experience with scripting tools such as Bash, Python, and PowerShell 1+ year of experience writing SQL queries 1+ year of experience building/managing MS SQL and/or Oracle databases, including data feeds and ETL Desired Qualifications: Application Security Expertise: Expert understanding of OWASP Top 10 and SANS/CWE Top 25 vulnerabilities Development Experience: Experience in developing applications using Java, .NET (preferred), C#, JavaScript, Python, or other modern OOP languages. Security Tool Management: Experience managing automated application security testing tools (SAST, DAST, SCA) Secure Development Guidance: Ability to provide strategic and tactical security guidance for secure application development, including technical control recommendations. CI/CD Integration: Experience integrating application security tools into the CI/CD pipeline. DevSecOps: Experience with DevSecOps practices and principles. Certifications: One or more of the following application security certifications: OSCP, OSEP, OSWE, CEH, LPT, CPT, CEPT, CASS, CASE, CMWAPT, CRTOP, GIAC GEVA/GPEN/GWAPT/GCPN/GXPN/GMOB/GDAT Responsibilities: Identify and assess application security risks, vulnerabilities, and threats. Conduct security assessments and penetration testing of applications. Provide recommendations and guidance on secure coding practices and remediation of vulnerabilities. Implement and manage automated application security testing tools. Integrate security into the development lifecycle (DevSecOps). Collaborate with development teams to ensure secure application development. Develop and maintain security documentation and procedures.