Security Engineer
Posted Today by Sage IT Inc
Negotiable
Undetermined
Remote
Remote or Texas
Summary: The role of Security Engineer focuses on enhancing application security through SAST, DAST, and RASP methodologies. The engineer will be responsible for conducting security assessments, identifying vulnerabilities, and integrating security practices into the software development lifecycle. This position requires extensive experience in application security and familiarity with various security tools and practices. The role is remote, allowing for flexibility in work arrangements.
Key Responsibilities:
- Perform SAST, DAST, and RASP assessments on web applications.
- Identify, validate, and remediate application security vulnerabilities.
- Integrate security testing into CI/CD pipelines.
- Work with development teams to implement secure coding practices.
- Conduct security reviews and support vulnerability remediation.
- Ensure compliance with security standards and best practices.
Key Skills:
- 13+ years of experience in Application Security or Cybersecurity.
- Hands-on experience with SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and RASP (Runtime Application Self-Protection).
- Knowledge of secure coding practices and OWASP Top 10.
- Experience with security scanning tools such as Checkmarx, Veracode, Fortify, SonarQube, Burp Suite, or similar.
- Familiarity with CI/CD pipelines and DevSecOps.
- Basic knowledge of cloud security (AWS, Azure, or Google Cloud Platform).
- Scripting experience with Python, PowerShell, or Bash is a plus.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Location: Remote
Job Description:
We are seeking a Security Engineer with experience in SAST, DAST, and RASP to help secure applications throughout the software development lifecycle.
Required Skills:
- 13+ years of experience in Application Security or Cybersecurity.
- Hands-on experience with SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and RASP (Runtime Application Self-Protection).
- Knowledge of secure coding practices and OWASP Top 10.
- Experience with security scanning tools such as Checkmarx, Veracode, Fortify, SonarQube, Burp Suite, or similar.
- Familiarity with CI/CD pipelines and DevSecOps.
- Basic knowledge of cloud security (AWS, Azure, or Google Cloud Platform).
- Scripting experience with Python, PowerShell, or Bash is a plus.
Responsibilities:
- Perform SAST, DAST, and RASP assessments on web applications.
- Identify, validate, and remediate application security vulnerabilities.
- Integrate security testing into CI/CD pipelines.
- Work with development teams to implement secure coding practices.
- Conduct security reviews and support vulnerability remediation.
- Ensure compliance with security standards and best practices.
Preferred Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- Security certifications such as Security+, CEH, CSSLP, or CISSP are preferred.
Skills:
Vulnerability Management
Threat modelling
Secure code development
Vulnerability Remediation
Security automation
Sast, dast , rasp