Security Engineer – Application Security
Fragomen
full-time
Posted on:
Location Type: Hybrid
Location: Pittsburgh • Pennsylvania • United States
Visit company websiteExplore more
Tech Stack
About the role
- Build, deploy and maintain tooling to validate and track security controls in and around our code
- Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
- Triage programmatic source code findings and automate penetration testing to decrease potential introduction of vulnerabilities
- Lead and collaborate with developers on secure coding techniques and threat modeling
- Contribute to vulnerability detection and remediation of technological offerings
- Deploy developed or OTS security applications to support our efforts
- Participate in a cross-functional response to cyber security incidents
- Work closely the security team to establish prevention, detection and mitigation techniques
- Support the scoping and rules of engagement of our penetration testing regime
Requirements
- 5+ years of web application development (.net, python, java, etc.)
- Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
- Demonstrated understanding of web application penetration testing, secure coding and source code analysis
- Strong, professional communication skills that maintain under pressure
- BA degree in a related field or a combination of related experience is a must.
Benefits
- Health insurance
- 401(k) matching
- Flexible working hours
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
.netpythonjavaSecure SDLCDASTSASTweb application penetration testingsecure codingsource code analysisvulnerability detection
Soft Skills
professional communicationcollaborationleadershipproblem-solvingability to work under pressure