Remote Application Security Engineer Job in United States RxSense

Who you are

• Work with development and product teams to define security requirements and ensure they are followed
• Partner with development and product teams to drive remediation of security gaps
• Coordinate 3rd party penetration tests and work with internal teams to remediate findings
• Perform architecture and design reviews on company applications
• Monitor and analyze application security logs and events to detect and respond to security threats
• Perform monitoring and management of Web Application Firewall
• Interpret and manually validate Static Application Security Testing (SAST) results
• Manage SAST, SCA and DAST tools to ensure comprehensive testing and remediation of findings
• Analyze and report on risks discovered through application security testing
• Participate on project teams as InfoSec representative
• Ability to quickly adapt to changing priorities as business needs change
• Excellent interpersonal and communication skills a must
• Knowledge and experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Lifecycle)
• Experience with software development, programming, scripting
• Experience with OWASP ZAP or Burp Proxy
• Experience with static application security testing tools
• Knowledge and experience with implementing and managing web application firewalls
• High level understanding of securing Cloud Platforms, AWS and GCP, cloud architecture
• A broad interest/experience across the whole security domain would be an advantage
• BS in Information Systems preferred but appropriate experience is acceptable
• 3+ years of experience in application security, software development, or IT related field
• Must have the ability to identify, analyze and solve security risks pragmatically
• Familiarity with web application architecture, APIs, and cloud environments
• Experience with security standards and frameworks, such as OWASP, NIST, or CIS
• Practical understanding of common application security vulnerabilities
• Excellent problem-solving and analytical skills with demonstrated ability to investigate and solve complex problems
• Excellent communication skills are needed with demonstrated ability to work with multiple organizational functions and levels
• Certifications a plus; GWAPT, GWEB, CISSP, etc.

What the job involves

• Assessing and managing risks in the application security domain
• Performing security touchpoints throughout the Software Development Lifecycle
• Act as an application security SME on project teams
• Ensure compliance with the RxSense Information Security Program and policies