Compunnel, Inc.
We are seeking a highly skilled Application Security Engineer with a strong foundation in secure software development and DevOps practices.
The ideal candidate will have hands-on experience with Java or Python, deep knowledge of application security principles, and proficiency in DevOps tools such as Jenkins, UCD, and GitLab.
This role is critical in integrating security into the development lifecycle and ensuring the resilience of applications in cloud environments like AWS.
Key Responsibilities
Implement and promote secure coding practices across development teams.
Integrate security tools (e.g., Fortify, Nexus, ZAP) into CI/CD pipelines.
Collaborate with developers and DevOps teams to remediate vulnerabilities and enhance security posture.
Develop and maintain automation scripts using Java, Python, or Groovy.
Design and implement security controls in AWS environments.
Conduct threat modeling, code reviews, and security assessments.
Monitor and respond to application-related security incidents.
Stay up to date with emerging security threats, tools, and best practices.
Required Qualifications
3+ years of experience in application security or DevSecOps roles. Proficiency in Java, Python, or Groovy. Strong understanding of DevOps tools: Jenkins, UCD, GitLab, etc. Experience with AWS services and cloud security best practices. Hands-on experience with application security scanning tools (e.g., Fortify, Nexus, ZAP). Solid understanding of secure SDLC and CI/CD integration. Excellent problem-solving and communication skills. Preferred Qualifications
Security certifications such as CEH, OSCP, CSSLP, or AWS Security Specialty. Experience with container security and Kubernetes. Familiarity with Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
#J-18808-Ljbffr
3+ years of experience in application security or DevSecOps roles. Proficiency in Java, Python, or Groovy. Strong understanding of DevOps tools: Jenkins, UCD, GitLab, etc. Experience with AWS services and cloud security best practices. Hands-on experience with application security scanning tools (e.g., Fortify, Nexus, ZAP). Solid understanding of secure SDLC and CI/CD integration. Excellent problem-solving and communication skills. Preferred Qualifications
Security certifications such as CEH, OSCP, CSSLP, or AWS Security Specialty. Experience with container security and Kubernetes. Familiarity with Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
#J-18808-Ljbffr