Application Security Engineer (Remote)

Job ID: 3549 Job Title: Application Security Engineer Location: 100% REMOTE Job Type: Perm Full-Time Salary: Highly Competitive Security Engineer Job Description: Our client is looking for a remote Security Engineer who will play a key role as part of the Infosec team. The successful candidate will have a strong background in the following areas: •Strong foundational and working knowledge of security best practices and their integration into workflows •Designing and Implementing modern a security reference architecture •Working with Dev/Engineering resource to build foundationally secure applications Responsibilities include: • Develop and maintain internal application security tooling. • Automate security testing and vulnerability management procedures where reasonable. • Assist Integration of security into the build/deployment process. • Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure. • Provide expert guidance and recommendations for strategic and tactical security architecture topics through risk advisory services. • Perform vulnerability research, assessment, and management, serve as a technical security/risk advisor on all new technologies used/developed such as AWS, session management, SSO, Database, WAF, Opensource libraries. • Support the engineering team by suggesting remediation strategies for reported vulnerabilities. • Assist developers in remediating vulnerabilities by providing line-by-line guidance. • Provide training and education to developers on software security best practices in various cloud-based systems. •Utilize dynamic application vulnerability scanning • Utilize static application vulnerability scanning ls Minimum Qualifications: • Bachelors’ Degree in InfoSec, Computer Science, or a related discipline. • Experience with full-stack web development. • Working knowledge of SQL. •Complete, deliver and maintain compliance documentation for internal and external users. • Experience developing and working with Web APIs. • Experience interpreting results from Static Code Scanning tools. • Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, OKTA, and other SSO technologies. • Experience with creating and maintaining Threat Models at scale. • Experience with securing database platforms. • Experience in remediating security vulnerabilities beyond OWASP Top 10. • Experience in performing security assessments on cloud-based multi-tenant Software-as-a-Service (SaaS) applications • Experience in assessing the security of native and hybrid mobile applications beyond the use of automated tools. • Functional knowledge of AWS application infrastructure Preferred Qualifications • Experience developing in PHP/Larvel Framework • Experience with RDS • Experience in at least one scripting language (Python/Ruby/Perl/) • Experience working with SaaS applications preferably in the EdTech or AI/ML Space Benefits • An amazing team of friendly and inclusive people who pull together and openly help each other • Passionate team members who have fun, work productively and take pride in everything we do • We’re curious to explore new ideas, find innovative solutions and we’re not afraid to learn as we grow • We work remotely • We recharge with unlimited PTO • Our focus is on team member health and well-being – we have a Health Day once a month • We offer a comprehensive healthcare program SherlockTalent loves to share a $500 referral bonus! "U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time." Apply tot his job