Application Security Engineer

Resolvit.com - Remote

RESOLVIT

Bringing Solutions That Make Business Better

Join Resolvit as an Application Security Engineer and be part of a creative, forward-thinking team. Our success at deploying skilled, highly knowledgeable experts has landed us on the Inc. 5000 list of America’s fastest-growing companies four times – and we’re just getting started.

As the Application Security Engineer, you will serve as the SME for concepts behind security controls and how they apply to application development, web presence, and API services. You will identify weaknesses in our security posture within the application or web space while defining methods to achieve security control requirements via automation or highly efficient means that further support timely delivery and minimal overhead. You will also work in a team of infrastructure specialists and engineers making sure services are delivered and used securely as required. Additionally, you will:

  • Work with and support third parties to provide security services
  • Advise and enable development and technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns
  • Become the primary security expert for multiple product lines, and act as the point of contact for engineering and security
  • Perform architecture reviews to steer projects in the right direction, participate in security code reviews, and automate penetration testing against products prior to move to production
  • Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and developing strategies to proactively secure their architecture
  • Review development frameworks for security functionality, consistency, and uplift opportunities
  • Create threat models and leverage them to prioritize time based on risk impact
  • Educate and train product teams
  • Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
  • Implement and/or assess existing security controls
  • Translate logical designs into physical designs
  • Produce detailed designs and document all work using required standards, methods, and tools, including prototyping tools where appropriate
  • Design systems characterized by managed levels of risk, manageable business, and technical complexity and meaningful impact
  • Work with well-understood technology and identify appropriate patterns

What You’ll Need to be Successful:

  • At least 7 years of related work experience in security engineering
  • Bachelor’s degree in computer science, information technology, or related field, or equivalent work experience
  • Strong experience in web and mobile application security
  • Strong experience in distributed platform development security and design
  • In-depth knowledge of web and mobile security standards and best practices (OWASP)
  • Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth)
  • Experience with industry tools and technologies such as Burp and Metasploit
  • Working knowledge of common languages such as Python, GO, JavaScript, and Java
  • Familiarity in public cloud security deployment and implementation issues (AWS, Azure, GCP)
  • Familiarity with audits and standards requirements such ISO 27001, PCI DSS, and SOC 1 & 2
  • Expertise with Identity and Access Management, security operations, and software development security
  • Proven expertise in enterprise-grade and web scale security solutions
  • Excellent communication skills
  • Ability to explain complex security topics in simple terms
  • Ability to lead and project manage multiple security initiatives

Great Additional Skills:

  • Master’s degree
  • Certifications in OSCP, CISSP, GCIH, GXPN, and/or GPEN
  • Insights, experience, or background in any of the following: NIST, ISO27001, data protection, Java development, static code analysis, dynamic code analysis, PEN testing, containers, microservices, CI/CD pipeline, Agile, GitHub, Jira, Docker, Kubernetes, cloud security (AWS, Azure, GCP) and design, process maturity, and other related focuses

We currently have more than 100 open career opportunities across the country, so be sure to mention the appropriate Job Code with any correspondence!

About Resolvit:

Resolvit is an international technology consulting firm with industry-leading customers in the financial services, high tech, manufacturing, retail, life sciences, and government sectors. Through its partnerships, Resolvit delivers highly impactful, innovative solutions across five core areas: Infrastructure Modernization, Application Development Services, Enterprise Data Management & Analytics, Knowledge & Content Management, and Strategic Staffing.



Posted On: Thursday, March 31, 2022



Apply to this job
  • It is the policy of Resolvit, LLC to provide and administer employment, training, compensation, promotion, benefits and employment practices without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, age, disability, medical condition, veteran status, marital status, or political affiliation.