ShorePoint Inc

Application Security Engineer

ShorePoint Inc

full-time

Posted on:

Location Type: Remote

Location: VirginiaUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

JavaLinux.NETPythonUnix

About the role

  • Support and operate application security testing capabilities across SAST, DAST and IDE plug-in environments, with primary focus on Burp Suite and Veracode.
  • Configure, maintain and troubleshoot Burp Suite and Veracode integrations to enable consistent application security testing workflows.
  • Partner with development and engineering teams to identify, validate and remediate security vulnerabilities.
  • Apply vulnerability standards and scoring methodologies to findings, including OWASP Top 10, CVSS, CWE, WASC and SANS-25.
  • Navigate and troubleshoot within Linux or UNIX environments, including basic website connectivity issues.
  • Support the design and implementation of enterprise-wide security controls that secure applications, systems, networks or infrastructure services.
  • Use IDEs and development toolchains (Eclipse, JDeveloper, Visual Studio) to support developer workflows, including pipeline development activities where applicable.
  • Support compliance-aligned security activities in federal environments leveraging NIST 800-53, FIPS and/or FedRAMP standards.

Requirements

  • Bachelor’s degree in an IT-related field
  • 6+ years of Information Technology experience
  • 3+ years of experience supporting SAST, DAST and IDE plug-in environments using Burp Suite, including 3+ years of hands-on Burp Suite experience
  • 1+ year of experience supporting SAST, DAST and IDE plug-in environments using Veracode
  • 3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, networks or infrastructure services
  • 2+ years of experience with Java, Python, .NET or C#
  • 2+ years of experience working in Linux-based environments, including navigating and troubleshooting basic website connectivity issues
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking
  • Experience with Eclipse, JDeveloper and/or Visual Studio, including pipeline development experience
  • Experience securing enterprise web applications, including familiarity with OWASP Top 10, CVSS, CWE, WASC and SANS-25
  • Knowledge of federal compliance standards, including NIST 800-53, FIPS and/or FedRAMP
  • Applicants must be a U.S. citizen in compliance with federal contract requirements.
Benefits
  • 18 days of PTO
  • 11 holidays
  • 85% of insurance premium covered
  • 401k
  • continued education
  • certifications maintenance
  • reimbursement and more
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SASTDASTBurp SuiteVeracodeJavaPython.NETC#Linuxpipeline development
Soft Skills
critical thinkinganalytical skills