Dunhill Professional Search & Government Solutions
Application Security Engineer
Dunhill Professional Search & Government Solutions, Baltimore, Maryland, United States, 21276
Overview
Keep code secure from day one! We’re looking for an Application Security Specialist to define best practices, review designs, and stop vulnerabilities in their tracks. Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, performs software architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.

Responsibilities
Define application security best practices and review software architecture and designs.
Identify, interpret, and remediate vulnerabilities across a variety of applications, programming languages, and platforms.
Conduct vulnerability assessment and manual/automated code reviews.
Demonstrate vulnerabilities to application owners and provide mitigation recommendations.
Support development of technical security safeguards to protect information systems from intentional or accidental access/destruction.
Act as liaison between development teams and stakeholders to understand and formulate security requirements.
Define, maintain, and enforce application security best practices.
Apply security knowledge to analyze, develop, and implement process improvements, troubleshooting, and operational support.
Experience with SAST, DAST, and OSA tools; perform penetration tests and both manual and automated code reviews.
Identify appsec related tools, conduct tool analysis, and provide recommendations.
Work with one or more programming languages (e.g., Java, .NET, C#) and web technologies; knowledge of OWASP Top 10, CVE, and related security concepts.

Minimum Qualifications
Bachelor’s Degree in Computer Science, Engineering, or other technical discipline or equivalent relevant experience.
7+ years of experience as an Application Security Developer, Application Security Analyst, or equivalent.

Other Job Specific Skills
Expertise with application server technologies such as Java, .NET, Python, etc.
In-depth knowledge of security technologies, single sign-on and identity management technologies.
Web system security concepts including authentication, authorization (RBAC), encryption/hashing, SAML, and LDAP.
Knowledge of web application vulnerabilities (XSS, session hijacking, SQL injection, CSRF, OWASP Top 10) and other attack vectors.
Hands-on experience with encryption, hashing, secure random number generation, key derivation, and digital signatures.
Understanding of network, system, and application layer attacks and mitigation methods; familiarity with TCP/IP, HTTP/S, and related protocols.
Experience with static code analysis tools (e.g., HP Fortify, Checkmarx).
Experience with Git source code management.
Solid working knowledge of Unix/Linux operating systems.
Experience with tools/tech like Vagrant, Chef, Rake, Gradle, Jenkins; knowledge of Cache DB is preferred.
Understanding of Agile/Scrum methodologies is preferred.

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Computer and Network Security and Software Development