Application Security Engineer
Trigyn's direct government client has an immediate need for an Application Security Engineer in Baltimore, MD. The particulars of the opportunity are below:Description:The client is looking for an application security engineer to focus on web application vulnerability mitigation. In this role, you will be responsible for leveraging the application scanning platform to plan and execute web application vulnerability remediation. You will utilize your expertise to prioritize remediations to align with business objectives and track remediation progress with technical teams. In addition, you will work closely with the application development team to develop and integrate secure coding practices into our software development lifecycle and develop and provide training for our application developers. This is a challenging role in a high performing team, and an opportunity to be the clients application security subject matter expert. You will perform a technical leadership role in clients continuing cyber security improvements while broadening your skills in an enterprise-wide information security program.Application Security Engineer responsibilities may include but are not limited to: Perform city-wide web application vulnerability scanning. Prioritize the results, perform code reviews and work with the development teams on best practices to remediate. Track remediations to completion. Build strong relationships with the development teams and work with them to integrate secure coding practices into the development lifecycle. Identify patterns of findings, develop and provide training to the developers based on the findings and the OWASP top 10. Schedule penetration testing against selected externally facing systems and be the interface between our 3rd party penetration test vendors and the application owner. Track all pen test findings to completion. Maintain web application inventory. Respond to notifications and alerts of potential threats to reprioritize vulnerability mitigations when necessary. Provide expertise to developers that request secure coding best practices support. Monitor the progress of vulnerability remediation activities and provide metrics and regular status updates. Minimum Education and Experience Requirements: Bachelor's Degree or equivalent in computer engineering/science or a related technical field. 2 plus years of relevant industry experience in software development and application security.Required Skills, Knowledge and Abilities: Demonstrable coding experience in one or more general purpose languages (Java, .NET, Python, C#, NodeJS) Experience in Web Application Firewall deployment and operation. Experience with attacks and mitigation methods; web application and browser security; security assessments and penetration testing. Understanding of information security Risk Management Framework (RMF) methodologies. Previous tools experience working with Kali Linux, Metasploit, Wireshark, nmap, Tenable.io, Rapid7 InsightVM, Qualys, or equivalent toolsets. Basic understanding of data integrity failures and what questions to ask as data is serialized and reconstructed. Solid understanding of security fundamentals and information security control frameworks. Excellent team player, self-confident, motivated, and independent, capable of working with little to no instructions. Ability to multi-task and work in a fast-paced environment. Attention to details and proven problem-solving skills. Demonstrated communications and presentations skills (verbal and written).Preferred Qualifications: Relevant certifications (OSCP, CEH, CSSLP, CASE, GWEB, etc.) Understanding of the Azure DevOps pipeline and how to keep it secure. Experience creating and delivering briefing materialsBALTIMORE CITY RESIDENTS ARE ENCOURAGED TO APPLY!For Immediate Response call 732-876-7640, or send your resume to RecruiterPC@Trigyn.comTRIGYN TECHNOLOGIES, INC. is an EQUAL OPPORTUNITY EMPLOYER and has been in business for 30 years. TRIGYN is an ISO 9001:2015, ISO 27001:2013 (ISMS) and CMMI Level 5 certified company.