Remote Application Security Engineer - CirrusLabs
PA, PA
About the Job
Summary
Cybersecurity Architects' are a group of professionals who ensure that systems, services, applications, and infrastructure work reliably and securely. The Cybersecurity Architect is expected to have a beginning to moderate understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.
For this role, applicants should be proficient in assessing application security. This includes an understanding of the security software development lifecycle (SDLC), as well as being proficient in at least one programming language.
Essential Duties and Responsibilities:
Core Requirements:
Familiarity with the secure SDLC
Proficiency in at least one programming language
Experience conducting code reviews from a cybersecurity perspective
Familiarity with the OWASP Top 10 (e.g., XSS, CSRF, etc.)
Experience with OAUTH and ADFS
Experience conducting security assessments, including assessing the security of third-party vendors
Stay up to date on the latest security and industry trends including their compliance requirements
Maintain knowledge of cybersecurity frameworks such as NIST and CIS and other security technology by attending workshops and reviewing publications
Responsible for overseeing the security controls for the company with minimal oversight
Responsible for designing and implementing new security technologies with minimal oversight
With minimal oversight, provide training to other members of the team
With minimal oversight, maintain complex project tasks and interface with various teams
Provide thoughts on and assist in developing new features to be added to the SIEM
With oversight, identify and design new security policies for the organization
With minimal oversight, assist in maintaining PCI compliance of the organization
With minimal oversight, assist in the design and implementation of a vulnerability management program
With minimal oversight, aid in the design, implementation, and enhancement of the security awareness program
Preferred Skills:
Education and/or Experience
Cybersecurity Architects' are a group of professionals who ensure that systems, services, applications, and infrastructure work reliably and securely. The Cybersecurity Architect is expected to have a beginning to moderate understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.
For this role, applicants should be proficient in assessing application security. This includes an understanding of the security software development lifecycle (SDLC), as well as being proficient in at least one programming language.
Essential Duties and Responsibilities:
Core Requirements:
Familiarity with the secure SDLC
Proficiency in at least one programming language
Experience conducting code reviews from a cybersecurity perspective
Familiarity with the OWASP Top 10 (e.g., XSS, CSRF, etc.)
Experience with OAUTH and ADFS
Experience conducting security assessments, including assessing the security of third-party vendors
Stay up to date on the latest security and industry trends including their compliance requirements
Maintain knowledge of cybersecurity frameworks such as NIST and CIS and other security technology by attending workshops and reviewing publications
Responsible for overseeing the security controls for the company with minimal oversight
Responsible for designing and implementing new security technologies with minimal oversight
With minimal oversight, provide training to other members of the team
With minimal oversight, maintain complex project tasks and interface with various teams
Provide thoughts on and assist in developing new features to be added to the SIEM
With oversight, identify and design new security policies for the organization
With minimal oversight, assist in maintaining PCI compliance of the organization
With minimal oversight, assist in the design and implementation of a vulnerability management program
With minimal oversight, aid in the design, implementation, and enhancement of the security awareness program
- Effectively deal with rapid change in a positive manner
- Assist in process improvements to enhance the efficiency of current operational procedures
- Coordinate relations with and serve as a liaison between business and IT staff
- Assist in developing short-term and long-term department goals which support long-term strategic goals
- Ensure the coordination and communication of production changes
- Participate in all company/location driven communication efforts, including huddles, department meetings, and other related efforts
- Maintain a positive and professional working relationship with peers, management, support resources, and the community with a constant commitment to teamwork and exemplary customer service to present a professional image
- Perform all other duties as assigned by management in a professional and efficient manner
Preferred Skills:
- Proficiency in web development, .NET, and/or Java
- Familiarity with API security best practices
- Experience conducting code reviews from a cybersecurity perspective
- Ability to design and support the implementation of security as part of the continuous deployment process
- Exceptional verbal and written communications skills
- Effectively communicate complex technological issues in business terms at any level within the organization
- Respond to customer inquiries, effectively communicate critical problems and discuss resolutions with management
- Highly self-motivated and directed
- Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations
- Ability to lead complex initiatives and project teams with supervision
- Ability to communicate topics and concepts to the team and a diverse audience
- Ability to handle multiple overlapping projects and competing deadlines with minimal oversight.
- Strong time management, attention to detail, and communications skills
Education and/or Experience
- Associates degree in Cybersecurity or similar area of study required or equivalent years of related work experience
- Bachelor's degree in Cybersecurity or similar area of study preferred
- At least 3-5 years of experience in cybersecurity with application security preferred
- Industry certifications (CSSLP, CASE, CEH, Security+, CISSP, GWEB, , CCNA Security or similar) preferred
- Scripting experience in PowerShell, Python or Perl preferred
Source : CirrusLabs