Enable job alerts via email!

Application Security Engineer II

ASM Research, An Accenture Federal Services Company

Jefferson City (MO)

Remote

USD 103,000 - 145,000

Full time

Today
Be an early applicant

Job summary

A technology consulting firm is seeking an Application Security Analyst to evaluate application security in all phases of the software development life cycle. The role requires strong expertise in JAVA and .NET, with responsibilities including conducting vulnerability assessments and defining security best practices. Ideal candidates should have a Bachelor's Degree and over 7 years of relevant experience. This position offers a hybrid work structure, aligning competitive compensation with experience and skills.

Qualifications

  • 7+ years of experience as an Application Security Developer or Analyst.
  • Expertise with application server technologies such as JAVA and .Net.
  • Hands-on experience with encryption, hashing, and secure interfaces.

Responsibilities

  • Perform software security architecture and design reviews.
  • Conduct vulnerability assessments and provide mitigation recommendations.
  • Support the identification and remediation of application vulnerabilities.

Skills

Application Security Development
Vulnerability Assessment
Secure Coding Best Practices
Static Code Analysis

Education

Bachelor’s Degree in Computer Science or related field

Tools

HP Fortify
Checkmarx
Burp Suite
Job description
Overview

Evaluates application security in all phases of the software development life cycle. Works closely with team members to define application security best practices, perform software architecture and design reviews, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.



Responsibilities


  • Define application security best practices; perform software security architecture and design reviews; and support identification, interpretation, and remediation of vulnerabilities across various applications, programming languages and platforms.

  • Provide liaison between development teams and stakeholders to understand and formulate security requirements.

  • Conduct vulnerability assessment and manual/automated code reviews; demonstrate vulnerabilities to application owners and provide mitigation recommendations.

  • Apply technical knowledge to analyze/develop, create, and implement process improvements, troubleshooting, and operational support.

  • Experience with SAST, DAST, and OSA tools; perform and conduct penetration tests and manual/automated code reviews.

  • Experience with programming languages such as Java, .NET, C#, etc.; knowledge of Secure Coding best practices and OWASP Top 10, SANS 25, CVE, etc.

  • Identify AppSec related tools, conduct tool analysis, and provide recommendations.



Minimum Qualifications


  • Bachelor’s Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.

  • 7+ years of experience as an Application Security Developer, Application Security Analyst, or equivalent.



Other Job Specific Skills


  • Expertise with application server technologies such as JAVA, .Net, Python, etc.

  • In-depth knowledge of security technologies, single-sign-on and identity management technologies.

  • Expertise with web system security concepts, including authentication, authorization (RBAC), encryption/hashing, SAML, and LDAP.

  • Knowledge of web application vulnerabilities such as XSS, session hijacking, SQL injection, CSRF, OWASP Top 10, and other attack vectors.

  • Hands-on experience with encryption, hashing, secure random number generation, key derivation, and digital signatures.

  • Knowledge of network-based, system-level and application-layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.

  • Experience with static code analysis tools (e.g., HP Fortify, Checkmarx); familiarity with JavaScript, Node.js, or other scripting languages and Burp Suite or similar tools.

  • Experience working with Git source code management.

  • Solid working knowledge of Unix/Linux operating systems.

  • Experience with one or more of the following technologies: Vagrant, Chef, Rake, Gradle, Jenkins; Cache DB is preferred.

  • Understanding of Agile/Scrum methodologies is preferred.



Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors, including location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.



EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.


All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.



Physical Requirements

The physical requirements described in the Knowledge, Skills and Abilities above are representative of those which must be met by an employee to successfully perform the primary functions of this job. Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.



Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.


103400-145000


Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.