Application Security Engineer

Crescent Solutions is seeking Application Security Engineer for our client, a large, global entertainment company, who will be a subject matter expert with hands-on experience in a wide range of cloud technologies, software development, application security, security architectures, security tools, and methodologies. The Application Security Engineer will report to the Director, Application Security and will primarily operate remotely within US time zones but will occasionally require flexibility in working hours to support UK based employees. This is a hands-on technical role that will provide the right candidate with an exciting opportunity to leverage and grow technical, process development, and leadership skills in an exciting area of the company.

What You Will Do

• Work with a team of security professionals to enhance existing service offerings and security testing capabilities
• Conduct hands-on technical testing focused on the identification of OWASP-type vulnerabilities in both web and mobile applications, along with associated APIs (REST & GraphQL) and backend databases
• Apply your experience and expertise to challenging technical problems
• Partner with product teams and provide consultative security expertise
• Be expected to continuously improve your skills and knowledge through research
• Create automated data correlation and triage processes to reduce our alert-to-fix time
• Have a meaningful and positive impact on the security of our colleagues and clients
• Be challenged to identify, build, test, and deploy solutions in real-life scenarios, not just in theory
• Be encouraged to innovate and take ownership
• Have the freedom to experiment with novel problem-solving approaches
• Contribute to all security-related initiatives, both tactical and strategic
• Be exposed to emerging security and business technologies
• Have access to best-in-class tools and resources
• Grow and learn on the job every day

What You Will Need

• Preferred experience in a .Net programming / Azure Cloud environment
• 5+ years of experience in Cyber Security engineering and support
• Knowledge of secure coding principles, code signing, security code review, and code analysis
• Strong scripting / API / programming skills in the language of your choice (e.g., PowerShell, Python, Bash, Go, etc.)
• Must be fully proficient in and able to instruct others on the OWASP Top 10
• Knowledge of CI / CD and automation / orchestration tools (e.g., Chef, Puppet, Git, Jenkins, CircleCI, Netlify, SaltStack, Ansible, Terraform)
• Practical implementation and architectural experience in encryption techniques, including data at rest and in transit
• Proficiency in creating data flow diagrams, network diagrams, and other application-related design documents
• Experience in securing cloud infrastructure such as Azure and AWS (i.e., inspection, logging, WAF, VM)
• Some experience with Agile frameworks (Scrum / Kanban)

What You Will Get

• The unique and exciting opportunity to work at one of the leading global entertainment companies
• Access to the tools, leadership, and resources you will need to create and drive a center of excellence
• The opportunity to do the best work of your career
• Work in an inclusive and diverse company culture
• Competitive benefits and programs to support your well-being

Application Security Engineer • California, US