Our client, a food and beverage company, is looking for an Application Security Engineer to join their team on a 6-month contract in Plano, TX.
This role can pay $80-90/hour on a W-2 Contract.
This person will join a team that is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage security risks in applications.
Responsibilities:
Drive the development and execution of the application security strategy by translating high-level objectives into actionable plans. Lead and inspire the team to achieve these goals, ensuring alignment with overall organizational security initiatives and fostering a culture of proactive security.
Develop technical documentation (i.e. system design, architecture diagrams, data flows, functional specifications).
Contribute to defining the future state of cybersecurity within the organization by conducting technical assessments between current state and the desired state across security tools and services.
Develop program metrics, continuously measure progress and impact, and drive improvements.
Collaborate with senior leadership and cross-functional teams including DevOps, development teams, security operations, data and analytics, enterprise architecture, the Platform team, and sector functions.
Implement and manage automated security tools within CI/CD pipelines. Ensure seamless integration and operation to enhance security posture.
Integrate and operate a centralized findings management system to efficiently manage and track security vulnerabilities and remediation efforts.
Define and implement a strategy to ensure automated security tools are configured to operate in an optimal fashion. Establish and monitor key performance indicators (KPIs) to constantly measure effectiveness and make necessary adjustments for continuous improvement.
Develop and maintain greenfield automation solutions and full-stack applications to support and enhance application security.
Provide expert triage and remediation guidance for security vulnerabilities. Assist and mentor team members and other engineering teams in understanding and addressing security issues.
Foster a collaborative environment, promote knowledge sharing, and mentor junior engineers to build a strong, skilled security team.
Continuously research and raise novel concepts to improve the application security posture of the business. Stay updated with the latest security trends, tools, and practices.
Execute projects, objectives, and deliverables in alignment with the team's vision, mission, and goals.
Create and deliver training sessions; mentor junior team members; and engage in knowledge transfer sessions, technical design reviews, security reviews, and business review meetings.
Years of experience
- 7+ years in software development; or master’s degree in computer science/engineering or related cyber field, and 5 years of relevant experience.
- 2+ years in a leadership or senior role within application security.
- Proficient in at least one programming language (Java, C#, Go) and scripting language (Python, bash, PowerShell)
- Experience with implementing automated application security scanners in a CI/CD pipeline or using various web app scanning tools (DAST/SAST/SCA/Container…)
- Direct experience with leading, or at a minimum, mentoring junior engineers
- Experience with integrating SAST into CI/CD pipelines for automated scanning
- Experience with triage/false positive review (not leaving it up to the developers/policy)
- Proficient in at least one database management system and query language (MSSQL, PostgreSQL, etc.)
- Proficient in integrating and managing automated security tools within CI/CD pipelines.