Job Posting for Application Security Engineer at CData Software inc
Application Security Engineer
The Application Security Engineer is responsible for leading department-wide focus on the strategy, development, implementation, and maintenance of the application security program across research, development, quality assurance, support, and IT systems. This is a hands-on position that requires a great deal of general security experience, as well as application development experience and secure coding knowledge.
Location(s):North Carolina Research Triangle preferred, or Remote (if we find someone in India that may work too)
Day-to-Day Responsibilities:
Responsibilities include but are not limited to:
Manage threat detection & SIEM platforms.
Advise in, and participate in, the design of secure products and architectures.
Create or approve documentation that codifies the application security program: this will include the development of secure coding policies, procedures and standards, modification of the SDLC to include the necessary security checkpoints, product deployment, and code review methodologies.
Evaluate potential security related issues and make recommendations on third party tools and components.
Mentor more junior engineers by leading and influencing technical decisions, processes, and best practices with an expert ability to explain technical concepts in written and verbal forms.
Work closely with engineering and product teams to design and implement security-related systems and functionality, including writing secure code as necessary, and verification of threat models, risk, and security posture.
Monitor software usage and perform forensics to verify that the software and infrastructure is performing to the required security standards.
Perform constant monitoring and awareness of key developments in the area of systems, web application, and client application security in order to provide direction of security trends and anticipate emerging standards and best practices.
Attend all meetings necessary for the seamless delivery of the product as part of the Software Development Life Cycle for both On-prem and SaaS.
Engage with customers as needed for deep dives into CData SDLC controls.
Manage and conduct penetration testing and security code reviews.
Lead hands-on trainings for engineering teams following OWASP top risks.
Participate in public security projects and or volunteer time and knowledge to improve the broader security community, representing the company's mission and goals, as well as promoting cooperation and knowledge sharing.
Qualifications:
8 years of increasing responsibility and complexity in terms of any applicable professional experience.
Bachelor's Degree or global equivalent in related discipline.
Typically holds 2 or more industry certifications CISSP preferred.
Actively engage using unique wide-range of professional skills with an expert understanding of industry practices and compliance SOC2, ISO, NIST.
Excellent planning / organizational skills and techniques.
Excellent analysis and problem-solving skills.
Excellent writing, presentation, and communication skills.
Excellent negotiating skills.
Excellent knowledge of secure application programming, coding life cycles and designs.
Excellent understanding of security principles, best practices architectures, tools and processes
Advanced knowledge of multiple current operating systems, network architecture and hosting environments Azure, AWS.
Excellent knowledge of authentication protocols and encryption.
Advanced knowledge of data storage formats, tools and languages.
Advanced knowledge in supply chain / build release risks.
Advanced knowledge in Application Penetration testing tools and processes.
Advanced knowledge of technical stacks, React, .Net, Java, APIs, and SQL Server BD.
Travel Required:10%
Salary.com Estimation for Application Security Engineer in , NC, NC
$109,429 to $139,726
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
Sign up to receive alerts about other jobs that are on the Application Security Engineer career path.
Click the checkbox next to the jobs that you are interested in.
Sign up to receive alerts about other jobs with skills like those required for the Application Security Engineer.
Click the checkbox next to the jobs that you are interested in.