OverviewThe Application Security Engineer I is a foundational role within the SOC, instrumental in shielding the organization's web applications from malicious threats. This proactive individual will be deeply involved in crafting robust defenses for critical applications, working with development teams to improve secure coding practices, promptly responding to any threats or attacks, and actively contributing to the development of custom alerting use-cases tailored for public-facing applications. They exhibit a broad sense of ownership over application security domains, from prevention and detection to a decisive response, ensuring comprehensive application protection.
Responsibilities
- Assist with the proactive identification and rapid response to security threats targeting critical applications.
- Contribute to the development and refinement of custom alerting use-cases to monitor for threats against public-facing web applications.
- Play an integral part in the application security lifecycle, including policy formulation, security design review, and threat modeling.
- Participate in the continuous eveolution of security incident management processes and emergency response plans.
- Work closely with development teams to embed security awareness and best practices into the development life cycle.
- Engage in continuous education to remain abreast of new threats, vulnerabilities, and security trends.
- Assist in the coordination and preparation of 3rd-party PenTests.
- Ability to develop a foundational knowledge/capability of application PenTests.
Qualifications
Education & Experience:
- A Bachelor's Degree in Computer Science or a closely related field.
- Three years of experience in information security, in a technical role, preferably with exposure to application security in a corporate environment.
- Demonstrated participation in security projects with a focus on applications, including internships or academic projects.
- A grounding in programming and scripting languages, and an appreciation for the secure software development lifecycle.
Skills & Qualifications:
- A proactive mindset with a thorough sense of responsibility for all aspects of application security.
- Effective communication skills to articulate security needs and breaches to technical and non-technical stakeholders.
- Capability to juggle multiple security tasks with an analytical approach to problem-solving and a keen eye for detail.