eTeam
Job Title : Application Security (AppSec) Specialist
Location: Indianapolis, IN
Shift: Day 5*8
Duration: 13 Weeks
Pay Rate: $60-$85/hr
Job Description: We are looking for a knowledgeable and proactive
Application Security (AppSec) Specialist
to integrate security into our DevOps pipelines and application development lifecycle. This role will bridge the gap between development, security, and operations, ensuring secure software development practices are embedded into all stages of the SDLC. Key Responsibilities: Design and implement secure development practices across CI/CD pipelines and software architecture. Perform application security assessments, including static (SAST), dynamic (DAST), and software composition analysis (SCA). Work closely with development teams to review code, identify vulnerabilities, and implement secure coding best practices. Champion DevSecOps initiatives by integrating security tools (e.g., Snyk, Checkmarx, Veracode, SonarQube) into CI/CD workflows (e.g., Jenkins, GitLab, GitHub Actions). Assist in threat modeling and risk assessments for web and mobile applications. Develop security automation scripts and tools to enhance security monitoring and testing. Collaborate with product teams, architects, and engineers to prioritize remediation efforts and guide secure design. Keep up to date with the latest application vulnerabilities (e.g., OWASP Top 10) and emerging threats. Required Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related technical field. 3+ years of experience in application security or DevSecOps roles. Solid understanding of secure coding practices, software security architecture, and common vulnerabilities. Hands-on experience with tools like Snyk, Veracode, Checkmarx, Fortify, OWASP ZAP, or Burp Suite. Familiarity with cloud-native security (AWS, Azure, or GCP) and infrastructure as code (Terraform, CloudFormation). Working knowledge of CI/CD tools and pipelines (e.g., Jenkins, GitHub Actions, GitLab CI/CD). Industry certifications such as CSSLP, GWAPT, OSWE, or GIAC GWEB are a plus. Preferred Skills:
Programming/scripting experience (e.g., Python, Java, JavaScript, or Go). Strong communication skills for engaging with developers and explaining complex vulnerabilities. Experience working in agile and DevOps-oriented environments.
Job Description: We are looking for a knowledgeable and proactive
Application Security (AppSec) Specialist
to integrate security into our DevOps pipelines and application development lifecycle. This role will bridge the gap between development, security, and operations, ensuring secure software development practices are embedded into all stages of the SDLC. Key Responsibilities: Design and implement secure development practices across CI/CD pipelines and software architecture. Perform application security assessments, including static (SAST), dynamic (DAST), and software composition analysis (SCA). Work closely with development teams to review code, identify vulnerabilities, and implement secure coding best practices. Champion DevSecOps initiatives by integrating security tools (e.g., Snyk, Checkmarx, Veracode, SonarQube) into CI/CD workflows (e.g., Jenkins, GitLab, GitHub Actions). Assist in threat modeling and risk assessments for web and mobile applications. Develop security automation scripts and tools to enhance security monitoring and testing. Collaborate with product teams, architects, and engineers to prioritize remediation efforts and guide secure design. Keep up to date with the latest application vulnerabilities (e.g., OWASP Top 10) and emerging threats. Required Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related technical field. 3+ years of experience in application security or DevSecOps roles. Solid understanding of secure coding practices, software security architecture, and common vulnerabilities. Hands-on experience with tools like Snyk, Veracode, Checkmarx, Fortify, OWASP ZAP, or Burp Suite. Familiarity with cloud-native security (AWS, Azure, or GCP) and infrastructure as code (Terraform, CloudFormation). Working knowledge of CI/CD tools and pipelines (e.g., Jenkins, GitHub Actions, GitLab CI/CD). Industry certifications such as CSSLP, GWAPT, OSWE, or GIAC GWEB are a plus. Preferred Skills:
Programming/scripting experience (e.g., Python, Java, JavaScript, or Go). Strong communication skills for engaging with developers and explaining complex vulnerabilities. Experience working in agile and DevOps-oriented environments.