EnergySolutions

Application Security Engineer, Hybrid, US

full-time

Origin: 🇺🇸 United States • California, Illinois, Oregon


Salary

💰 $94,200 - $119,800 per year

Job Level

Mid-Level, Senior

Tech Stack

Amazon Redshift, AWS, Cloud, Django, Postgres, Python, SDLC

About the role

  • Hands-on application security and compliance activities across the SDLC.
  • Manage security-related tasks in the SDLC to ensure software development activities remain in compliance.
  • Collaborate with software developers and code base leads; bridge between business requirements and security.
  • Act as SME in security architecture including new designs and design review.
  • Recommend application security improvements based on best practices, OWASP standards and other web application security frameworks.
  • Review architecture and compliance-related code changes.
  • Manage API security including vulnerability scans and best practices.
  • Manage security components of the Mendix web development platform and Django; maintain scans and findings from SCA tools.
  • Train and educate IS staff on security best practices including OWASP Top 10.
  • Ensure compliance with policies and standards such as secure separation of environments.
  • Manage and maintain all security-related tickets, including recommendations, testing and validation.
  • Security Compliance (SOC 2 and NIST 800-53) implementation and maintenance.
  • AWS security responsibilities: IAM policies, security groups, monitoring; Database security (RDS, Postgres, Redshift).

Requirements

  • Minimum 3 years of hands-on application security experience, including secure SDLC integration, design review, best practices and vulnerability identification/remediation.
  • Minimum 3 years of hands-on experience securing web application frameworks and applications.
  • Minimum 3 years of experience with security frameworks: NIST 800-53 / SOC 2