Grant Thornton (US)

Application Security Engineer, Senior Associate

Grant Thornton (US)

full-time

Posted on:

Location Type: Remote

Location: Remote • Illinois, Ohio • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $96,000 - $144,000 per year

Job Level

Senior

Tech Stack

AzureDockerKubernetesMicroservicesSDLCSQLTerraformVault

About the role

  • Securing the Software Development Life Cycle
  • Security oversight of the continuous delivery, continuous integration (CI/CD) pipeline
  • Combination of static and dynamic application security testing (SAST/DAST), to identify code bugs and application issues.
  • Software composition analysis (SCA) to track all open-source components in the developer’s code base.
  • Threat modelling to identify architectural design faults and potentially exposed targets of attack.
  • Evaluate and advise on service deployment into a microservices architecture (Kubernetes), and operational functions relative to security best practices and compliance requirements
  • Maintain security issue tracking and reporting using Azure DevOps (ADO)
  • Develop and maintain documentation of target state designs and security roadmaps.
  • Evaluate applications and environments against Security Frameworks and Compliance requirements.
  • Develop and manage Azure Policy to enforce Security Baseline standards.

Requirements

  • Minimum of 2-3 years working in development and security operations OR a combination of relevant experience
  • Demonstrated Security and Development Operational expertise:
  • Azure DevSecOps
  • Microservice architecture (Kubernetes)
  • Authentication and Identity Governance (AzureAD, Identity and Access Management, OAuth 2.0, OpenID, Conditional Access)
  • Container security (Docker and Runtime)
  • Encryption (Key Vault)
  • Azure SQL Server and Azure Cosmos DB
  • Azure Block Storage and Data Caching
  • .net, C#, REST API
  • Terraform
  • CICD code analysis (SAST/DAST) ideally using Veracode
  • Threat modelling
  • Post high school education and/or work-related experience in Computer Science, Information Systems, or other Information Technology related field
  • Effective communication (verbal and written) and project management skills to work with various levels and divisions within the organization.
  • Strong organisational and communication skills
  • Ability to learn and adapt to a constantly changing technology and threat landscape.
  • Relationship building is a key requirement (this role scope of responsibility will on occasion extend to communicating with executive leadership and cross-functional teams)
  • Provides expertise and solutions for complex initiatives and is capable of making independent decisions.
  • Cultural awareness, the ability to work well with people from different disciplines and backgrounds.
  • Ability to be agile, respond positively to change and contribute with an innovative and global mindset.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Azure DevSecOpsMicroservice architectureAuthentication and Identity GovernanceContainer securityEncryption.netC#TerraformCICD code analysisThreat modelling
Soft skills
Effective communicationProject managementOrganisational skillsAdaptabilityRelationship buildingCultural awarenessAgilityInnovative mindset