Junior Application Security Engineer

Junior Application Security EngineerWilmington, DEMonday to Friday, 9am-6pm EST or 10am-7pm ESTHybrid (onsite one day/week)The Junior Application Security Engineer will be responsible for the following:Providing expertise in the Application Security areas of Web Application Security Services, API Security, and Application Security Testing.Developing policies to protect web applications and APIs from malicious payload attacks, providing virtual patching capabilities and validation with Security Testing.Assisting in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.What You Will Bring:Knowledge in building the F5 WAF, API Security, BOT protection, DOS/DDOS protection policies, and extending them to hybrid cloud environments - AWS and Azure.Familiarity with the DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA.Knowledge of Cloud & Kubernetes Resource Security, Secure Network and Architecture, SDLC standards, and policies.Familiarity with Web App Protection AWS and Azure App Protection Policy, Configuration, and Security Management tools.Expertise in Programming languages: Python, NodeJS, SQL query, and Vulnerable Code remediation.Stay up to date with the latest application security threats and trends.Required:Proficiency in designing, implementing, and maintaining effective security policies for web applications using WAF technologies.Experience coordinating and performing vulnerability assessments using automated and manual tools.Ability to review and analyze WAF logs to detect and respond to security incidents promptly.Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and applications, and determine any reported vulnerabilities that are false positives.Strong experience with BI Design and Development.Familiarity with Information Security frameworks/standards (i.e., CIS, NIST, RFC2196, etc.).Familiarity with common security libraries, security controls, and common security flaws.Other Application Security Engineer Role Requirements for CSC:Manage security integration into the SDLC process at CSC.Help evolve CSC’s application security functions and services.Responsible for Security bug intake and remediation process for CSC.Identify security exposures and develop mitigation plans.Identify, report, and fix technical debt.Assist Senior Application Security on all application security activities.Become a representative for the CSC Information Security program.Be productive and participate in security initiatives with minimal supervision.Use the tools and technologies used throughout CSC InfoSec.Troubleshoot issues and performance bottlenecks.Follow Security best practices.Strong foundation in core information security principles and goals.Proven expertise in enterprise security solutions.Knowledge of common and emerging security threats.In-depth knowledge of security best practices.Exceptional analytical aptitude and attention to detail.Excellent communication skills.Ability to explain complex security topics in simple language.Fast learner / a strong willingness to learn.Good team player who is self-motivated and well-organized.Security Certifications are a plus.#LI - CS1

#J-18808-Ljbffr