Sr Application Security Engineer
Beacon Hill Staffing Group, LLC

Job Info

---

Note: This role is 100% remote

In this role, you'll have a tremendous opportunity to help design, build and shape an evolving application security program. We're looking for a hands-on, experienced Application Security Engineer who can think, design and execute across a broad set of application security disciplines and domains. You will be the subject matter expert helping to build out best practices, from source code to production. Additionally, you will help mentor more junior Application Security Engineers, code useful APIs/tools, present at development architectural meetings, and help track/remediate application vulnerabilities to completion (or submit a pull request yourself). If you're interested in a predictable, mundane job with few surprises than this is not the role you are looking for. If you're up for discussing the merits of application security approaches, debating architecture/design and implementation tradeoffs, identifying, assessing and remediating vulnerabilities and collaborating with numerous development teams while remaining nimble to incoming security requests, then this could be a potential fit. You'll spend about 30% of your time on application security architecture and design, 60% on implementation including code reviews, application testing, threat hunting, and penetration testing.

The Experience You'll Need (Required):

We're looking for someone who has solid application security experience behind him or her and is looking to level up their skills in a larger environment where they can make a lasting impact.

• 5+ years application security engineering in application, mobile and cloud security
• In-depth knowledge of application security architecture and design best practices (by leveraging OWASP Top 10, CWE, SANS Top 25 frameworks, etc.)
• Programming knowledge in at least two languages (Clojure, Go, Python, JavaScript, Java, Node.js, React, or Angular.js)
• Knowledge and experience with at least two testing methodologies (static, dynamic, code review, or penetration testing)
• Familiarity with container base infrastructure (Docker, Kubernetes, etc.)
• Experience with Infrastructure as Code (Terraform, Ansible, Puppet, Chef or equivalent)
• Ability to collaborate with internal teams to integrate security standards, processes and tools into the software development lifecycle
• Experience with related tools such as Kali Linux, Burpsuite, Nmap, Metasploit, etc.
• Understanding of network and web protocols (TCP/IP, UDP, IPSEC, and HTTP/S)
• Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)

• Experience securing applications built on Amazon Web Services (AWS) technologies
• Familiarity with audits and standards requirements such ISO 27001, PCI DSS, SOC 1 & 2, etc.
• A growth mindset with a desire to learn and adapt through seeking new challenges

Find Us on Facebook!
Follow Us on Twitter!

Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace. Individuals with Disabilities and Protected Veterans are encouraged to apply.

Company Profile:

Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies' dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers' technical and business needs.

Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles.

Learn more about Beacon Hill Staffing Group and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting www.beaconhillstaffing.com.

We look forward to working with you.

Beacon Hill. Employing the Future™

This job has expired.