Experience:
3-5 years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Posted:
9/13/2017
Job Category:
Engineering
Application Security Engineer
(This job is no longer available)
loading
School
Major
Grad Date
 
 

Not sure what types of jobs you are interested in?


Explore Jobs
Based on Your Education

Follow This Company
Share

Job Description

Application Security Engineer
$100-120K

Prestigious Organization is seeking a Senior Application Security Engineer who will be responsible for integrating security into the development of Allstate's applications. The Application Security Engineer will work closely with the product and software development teams, product owners, and scum masters to threat model, vulnerability scan, and pen test the early software, system, and network architecture and identify required control points in the application stack. The Application Security Engineer will also work closely with developers to diagnose, document, and remediate application security vulnerabilities. The Application Security Engineer will also be responsible for evaluating, recommending, and implementing application security related software in an automated continuous integration/deployment environment.

Work closely with application development and platform teams to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization, including threat modelling and applications security advisement services.

Develop and maintain a balanced application security program based on a well-defined application security framework
Conduct application security assessments/penetration tests and implement tools for dynamic/automated code reviews
Ensure application design and implementation best-practice with role-based and appropriate access standards, as well as integration with Identity and Access Management environments.
Ensure compliance with society, regulatory, and industry standards for application security.
Continuously evaluate the organization's existing application security practices, define and measure security-related activities, and demonstrating concrete improvements to the application assurance program within the organization.
Provide secure application development training to developers and provide guidance on the development of web-based training for ongoing awareness.
Conduct code reviews and penetration testing
Develop and maintain unit and integration tests designed to ensure security controls are tested on every build

Job Description

  • 3-5 years progressive experience in Application Development OR Information Security OR Software Quality Assurance
  • Experience with one or more languages like Java/JavaScript, C++/C#, Ruby/Python/Perl
  • Strong understanding of application security concepts for Internet technology, architecture and protocols
  • Knowledge of OWASP Top 10, CWE Top 25 concepts
  • We are looking for someone who has passion for IT Security.

Qualifications

Applicants must be eligible to work in the specified location