Logo
Insight Global

Insight Global is hiring: Application Security Engineer in Middletown

Insight Global, Middletown, PA, United States


A global electronic design and manufacturing company is seeking a highly skilled Application Security Engineer to join their enterprise Information Security organization. In this role, this individual will play a key role in traditional security engineering tasks and the development and implementation of a comprehensive Application Security (AppSec) programs. Including, but not limited to, code reviews, identifying vulnerabilities in LOB specific or and enterprise applications, creating security policies and procedures, and educating teams on secure coding practices. This is a full time, fully remote role (individual must be comfortable working EST hours) and is an immediate need.

Additional Details:

1. Application Security:
o Design, develop, and implement a robust Application Security program.
o Create and maintain application security policies, standards, and procedures.
o Work with the relevant teams to better integrate security into their software development lifecycle (SDLC) processes.
o Establish metrics and reporting mechanisms to track the effectiveness of the AppSec program.
o Conduct regular security assessments including static and dynamic code analysis (Whitehat).
o Perform penetration testing on applications and systems to identify and exploit vulnerabilities.
o Collaborate with development teams to remediate identified security issues and vulnerabilities.
o Become an expert on TEs various applications and their criticality to TE and our customers.
2. Security Engineering:
o Perform traditional Information Security Engineering tasks and responsibilities.
o Develop a strong command of our security stack, including but not limited to SIEM(Devo), SOAR(Rapid7 and Devo), EDR/Container Security(Crowdstrike) and more.
o Be involved in triaging and responding to potential security incidents, emerging threats and new vulnerabilities.
o Provide security design reviews and consultations for new and existing projects.
3. Secure Coding Practices:
o Develop and deliver training programs on secure coding practices for development teams.
o Stay up-to-date with the latest threats, vulnerabilities, and security trends to advise on best practices.
o Assist in integrating security into continuous integration/continuous deployment (CI/CD) pipelines and establishing the Information Security Engineering team (ISE) as a Center of Excellence (COE) for AppSec.
4. Incident Response and Management:
o Participate in the incident response process, focusing on application-related security incidents.
o Investigate and analyze security breaches and provide actionable recommendations to prevent recurrence.
5. Collaboration and Communication:
o Work closely with development, operations, and other IT teams to integrate security seamlessly into development and operational processes.
o Act as a security advocate and advisor, fostering a culture of security awareness and best practices.
6. Documentation and Reporting:
o Maintain comprehensive documentation for all aspects of the AppSec program.
o Prepare and deliver reports to stakeholders, summarizing findings, risks, and remediation efforts.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Required Skills & Experience
-5+ years of experience in application security and security engineering
-Experience supporting, developing, and implementing application security programs, standards, and policies
-Strong programming experience with Python (java, C#, Javascript are a plus)
-Understanding of API frameworks and API security
-Strong experience working in a cloud environment (AWS preferred)
-Experience with automation tools and frameworks for security engineering
-Exposure to container security solutions (Docker, ECS, AKS, Fargate, etc.)
-Proven ability to work effectively with technical teams and functional, business partners
-Excellent communication skills and experience working in a large enterprise environment

Nice to Have Skills & Experience
-Experience with CI/CD pipelining
-Experience with application/ infrastructure penetration testing
-Experience with SIEM and SOAR tools

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.