Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Application Security Engineer

JFR Staffing

Application Security Engineer

Denver, CO
Paid
  • Responsibilities

    Our Client has 18 years of experience of working with some of the world’s leading Finance, Insurance, Telecommunications, Media, Technology, and Retail companies. Through the Digital Evolution, Agile Transformation and Automation solutions, they help their clients be more engaging, responsive and efficient by supporting them from ideation to production.

    Our Client has over 5,000 employees located in offices in North America and Western Europe and delivery centres in Romania, Moldova, Bulgaria, Serbia, Macedonia, Argentina, Uruguay, Venezuela, and Colombia. Along with investing in long-term customer relationships,

    WHAT WE ARE LOOKING FOR

    We are seeking a dynamic and highly experienced security architect with outstanding client-facing skills. As a senior architect, you will be taking an active technical leadership role on projects to deliver solutions to our clients, and also be involved in pre-sales efforts and in mentoring the company's technical staff.

    Candidates will be evaluated on the basis of:

    1. Hands on technical skills

    2. Client-facing & sales skills

    3. Breadth & length of experience

    In this role you must be confident in engaging in a range of conversations with senior client management and technical staff, have the ability to lead discussions and workshops, and have the technical ability to both architect, design, and implement complex enterprise solutions.

    Main duties:

    • Application and Technology Architecture
    • Drafts conceptual and actual application security policy
    • Consults with and leads clients in evolving their application security and/or DevSecOps program
    • Works with client teams to automate security design and/or testing
    • Assists client development teams during product design with a focus on secure software architecture
    • Assists client development teams to promote re-use of secure code templates/functions
    • Advises client development teams during product development to assure compliance with security principles, guidelines, standards, controls, and governance
    • Assists client development teams with a variety of security testing tools (unit testing, SAST, DAST, etc.) and with remediation of security related test findings
    • Assists client development teams with defining/refining, documenting, and reporting various security related KPI’s throughout the development cycle
    • Shares and articulates security vision with key stakeholders by organizing discussions and formal presentations
    • Participates in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance, remediations, and controls
    • Actively contributes to and participates in broadening the understanding of security and DevSecOps within the company
    • Works closely with DevOps engineers to ensure a shared vision across Endava for DevSecOps
    • Provides technical guidance to cross-functional application development teams
    • Contributes to the technology strategy, vision, requirements, and solutions for client engagements

    Application Design

    • Consults with application development teams to determine security requirements and for planning and delivering business solutions
    • Consults with application development teams to enable secure software design and underlying application infrastructure is properly secured

    Process Management

    • Assists in the development of estimates for security projects
    • Contributes to defining time tables and project plans
    • Assists in the definition of milestones and progress tracking

    Skills Required:

    Desirable:

    • Prior development experience in 2+ programming languages
    • Extensive experience in secure software design/architecture
    • Experience with CI/CD pipelines
    • Knowledge of container security and SOAR technologies
    • In-depth knowledge of one or more cloud platforms (e.g. AWS, Azure)
    • Experience automating security testing
    • Experience with best practices related to securing a development pipeline
    • Exposure to Veracode (SAST & DAST) and 3 rd party component scanners

    Essential:

    • 6+ years of experience in application security
    • Exceptional client-facing communications skills, both written and verbal
    • Expertise with various security and development tools commonly used during the development cycle (e.g. Docker, Jenkins, Puppet, Ansible, Nessus, Veracode, Cucumber, etc.)
    • Very strong analytical skills
    • Experience in pre-sales efforts and running client engagements from a technical perspective
    • Experience in the security issues with modernizing legacy software architectures and designing new software
    • Proficiency in creating a broad range of security and other technical documentation
    • Ability to conduct manual code reviews, looking for security flaws
    • Possess a thorough understanding of the software implementation lifecycle, specifically how security fits into an agile and/or DevSecOps delivery model
    • Bachelor’s Degree in a technical discipline or related experience preferred
    • Possesses a working knowledge of programming languages, software design methodologies, and software architecture
    • Experience in developing patches and/or remediating pre-release flaws
    • Thorough understanding of DevSecOps culture, practices, and tools

    Offer and Benefits:

    • Opportunity to work in a Global Organization
    • Career Development opportunities
    • Work/Life benefits
    • Travel opportunities
    • Competitive salary package
    • Training opportunities
    • Robust benefits package which includes options for:

    Health Care Insurance, Dental Insurance o Vision Insurance o Short / Long Term Disability o 401(k) with company match o Flexible Spending Accounts (Medical, Transit, and Dependent Care) o Paid Life Insurance and AD&D Coverage o Wellness Benefits