Uvcyber
Application Security Engineer | Zero Trust
Uvcyber, Virginia, Minnesota, United States, 55792
Make a difference here.UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.UltraViolet Cyber is looking for a highly motivated Application Security Engineer to join our team.
Your responsibilities will include driving new capabilities, aligning short-term goals with long-term initiatives, advocating for best practices, conducting vulnerability assessments, and collaborating with various teams to ensure a secure environment. Join us and play a key role in safeguarding our applications and data.Must be legally allowed to work in the US, and the work must be done in the US.No third-party candidates will be considered.Responsibilities
Key resource supporting an enterprise Zero Trust Architecture deployment.Develops team vision to drive new capabilities against a published roadmap, in conjunction with management.Formulates and directs activities that align short term goals and long-term initiatives while providing accurate and timely estimates of work breakdown schedules.Influences and drives adoption of best practices and high-quality standards throughout the division.Integrates diverse solution components across multiple platforms using industry standard interfaces.Optimizes team efficiency and performance through high level technical direction.Provides technical leadership in implementation of applications, strategic planning sessions, documentation of requirements, tool implementation, database query languages, and programming languages.Presents technical designs and solutions to executives, management, and other audiences to gain consensus and/or project approval.Serves as a subject matter expert for application security, vulnerability management, and vulnerability scanning.Supports and consults with product and development teams in the area of application security.Assesses applications for vulnerabilities in web UIs, mobile applications, and APIs.Provides manual application secure code reviews.Works analytically to solve both tactical and strategic problems within the vulnerability management program.Identifies attack surface reduction opportunities through vulnerability data analysis from enterprise custom and COTS applications.Identifies opportunity for process and personnel improvement to mature the vulnerability management program.Contributes as an active member of the Threat Exposure Management team; participates in team activities and planning in regards to improving team skills, awareness, communication, reputation, and quality of work.Collaborates and communicates with Compliance, Internal Audit, Business teams, and others to identify, analyze, and communicate risk; provides support around vulnerability management within their business requirements.Coordinates with the Incident Response team to remediate security incidents as needed.Understands compliance requirements that may impact security, and effectively collaborates with business areas and project teams to develop security solutions that address requirements.Advocates for compliance and security measures, both internally and externally, to protect corporate applications and environments.Qualifications:
Bachelor’s degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience.6+ years of total experience in offensive/defensive security, or systems engineering.1+ years’ experience with Azure, GCP or another cloud service.1+ years of experience supporting a zero trust architecture deployment.Experience leading complex cross-functional programs.Understanding of software development lifecycle and integrating application security into a CI/CD pipeline.Experience with vulnerability management processes including scanning, reporting, and remediation planning.Knowledgeable in remediation activities at the code or script level, including fixing vulnerabilities or defects.Experienced in revision control systems and the agile process using ADO, Git, or similar agile code system functions (Pull, Fetch, Push, Sync).Experience working on mobile programming languages, development practices, and common bug patterns.Familiar with application vulnerability/security frameworks and standards such as OWASP Top 10, SANS Top 20, CVE, CWE, CVSS, etc.Demonstrates strong verbal and written communication skills.Ability to clearly communicate Information Security matters to executives, auditors, end users, analysts, peers, and engineers, using appropriate language, examples, and tone.Experience identifying and validating security requirements for software.Experience working with software development teams.Realistic outlook that understands security problems as a balance of both security and business needs.Demonstrated logical and structured approach to time management and task prioritization in support of teamwork goals.Strong analytical skills, documentation skills, and awareness of change management; ability to adapt to changing priorities.Strong collaborative mindset and able to function as a contributing member of the team.Ability to handle highly confidential information in a strictly professional manner.Scheduling flexibility to meet the needs of the business.US Citizen/Must pass a government background investigation.Additional Requirements:
Must be able to pass Government EOD Clearance process - US Citizenship requirement.ZERO TRUST Experience.Benefits at UltraViolet Cyber!
401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed.Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment).Group Term Life, Short-Term Disability, Long-Term Disability.Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness.Participation in the Discretionary Time Off (DTO) Program.11 Paid Holidays Annually.UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.If you want to make an impact, UltraViolet Cyber is the place for you!
#J-18808-Ljbffr
Your responsibilities will include driving new capabilities, aligning short-term goals with long-term initiatives, advocating for best practices, conducting vulnerability assessments, and collaborating with various teams to ensure a secure environment. Join us and play a key role in safeguarding our applications and data.Must be legally allowed to work in the US, and the work must be done in the US.No third-party candidates will be considered.Responsibilities
Key resource supporting an enterprise Zero Trust Architecture deployment.Develops team vision to drive new capabilities against a published roadmap, in conjunction with management.Formulates and directs activities that align short term goals and long-term initiatives while providing accurate and timely estimates of work breakdown schedules.Influences and drives adoption of best practices and high-quality standards throughout the division.Integrates diverse solution components across multiple platforms using industry standard interfaces.Optimizes team efficiency and performance through high level technical direction.Provides technical leadership in implementation of applications, strategic planning sessions, documentation of requirements, tool implementation, database query languages, and programming languages.Presents technical designs and solutions to executives, management, and other audiences to gain consensus and/or project approval.Serves as a subject matter expert for application security, vulnerability management, and vulnerability scanning.Supports and consults with product and development teams in the area of application security.Assesses applications for vulnerabilities in web UIs, mobile applications, and APIs.Provides manual application secure code reviews.Works analytically to solve both tactical and strategic problems within the vulnerability management program.Identifies attack surface reduction opportunities through vulnerability data analysis from enterprise custom and COTS applications.Identifies opportunity for process and personnel improvement to mature the vulnerability management program.Contributes as an active member of the Threat Exposure Management team; participates in team activities and planning in regards to improving team skills, awareness, communication, reputation, and quality of work.Collaborates and communicates with Compliance, Internal Audit, Business teams, and others to identify, analyze, and communicate risk; provides support around vulnerability management within their business requirements.Coordinates with the Incident Response team to remediate security incidents as needed.Understands compliance requirements that may impact security, and effectively collaborates with business areas and project teams to develop security solutions that address requirements.Advocates for compliance and security measures, both internally and externally, to protect corporate applications and environments.Qualifications:
Bachelor’s degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience.6+ years of total experience in offensive/defensive security, or systems engineering.1+ years’ experience with Azure, GCP or another cloud service.1+ years of experience supporting a zero trust architecture deployment.Experience leading complex cross-functional programs.Understanding of software development lifecycle and integrating application security into a CI/CD pipeline.Experience with vulnerability management processes including scanning, reporting, and remediation planning.Knowledgeable in remediation activities at the code or script level, including fixing vulnerabilities or defects.Experienced in revision control systems and the agile process using ADO, Git, or similar agile code system functions (Pull, Fetch, Push, Sync).Experience working on mobile programming languages, development practices, and common bug patterns.Familiar with application vulnerability/security frameworks and standards such as OWASP Top 10, SANS Top 20, CVE, CWE, CVSS, etc.Demonstrates strong verbal and written communication skills.Ability to clearly communicate Information Security matters to executives, auditors, end users, analysts, peers, and engineers, using appropriate language, examples, and tone.Experience identifying and validating security requirements for software.Experience working with software development teams.Realistic outlook that understands security problems as a balance of both security and business needs.Demonstrated logical and structured approach to time management and task prioritization in support of teamwork goals.Strong analytical skills, documentation skills, and awareness of change management; ability to adapt to changing priorities.Strong collaborative mindset and able to function as a contributing member of the team.Ability to handle highly confidential information in a strictly professional manner.Scheduling flexibility to meet the needs of the business.US Citizen/Must pass a government background investigation.Additional Requirements:
Must be able to pass Government EOD Clearance process - US Citizenship requirement.ZERO TRUST Experience.Benefits at UltraViolet Cyber!
401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed.Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment).Group Term Life, Short-Term Disability, Long-Term Disability.Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness.Participation in the Discretionary Time Off (DTO) Program.11 Paid Holidays Annually.UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.If you want to make an impact, UltraViolet Cyber is the place for you!
#J-18808-Ljbffr