Description
We are looking for an Application Security Engineer to join our team in New York. This role is crucial in ensuring the security of our applications, services, and infrastructure by incorporating security practices into the Software Development Lifecycle (SDLC). You will be tasked with identifying, evaluating, and mitigating security risks related to application development and deployment, as well as collaborating with various teams to advocate for security in all technical decisions and developments.
Responsibilities
- Lead the integration of security practices into all phases of the SDLC, including planning, development, testing, and deployment
- Identify, assess, and prioritize security risks within applications, services, and infrastructure, and collaborate with cross-functional teams to mitigate these risks
- Conduct threat modeling exercises to anticipate potential attack vectors and vulnerabilities, and work with development teams to implement countermeasures
- Perform application security assessments, including code reviews, vulnerability scanning, penetration testing, and static/dynamic analysis
- Advocate for secure coding practices and design patterns, providing guidance to development teams to reduce security vulnerabilities
- Collaborate with the incident response team to investigate, analyze, and remediate security incidents related to applications and services
- Deploy and maintain application security tools such as static code analysis, dynamic testing tools, and dependency analysis
- Educate and mentor developers and engineering teams on secure coding practices and emerging security threats
- Ensure compliance with industry standards, regulations, and best practices (e.g., OWASP, NIST, GDPR) in the context of application security
- Stay current on the latest security trends, vulnerabilities, and technologies, and recommend and implement improvements to existing security processes and policies
Requirements
- Possess a minimum of 5 years of experience in the field of application security engineering
- Must have a strong understanding of SDLC - Software Development Life Cycle
- Experience with HITRUST is required
- Knowledge and experience with Open Web Application Security Project is essential
- Proficiency in Application Security is a must
- Strong background in Python scripting is necessary
- Ability to work independently and as part of a team
- Excellent communication and problem-solving skills
- Demonstrated ability to handle multiple tasks and prioritize work
- Must have a strong ethical standpoint and respect for confidentiality requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or related field is preferred.
Technology Doesn't Change the World, People Do.®
Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.
Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go.
All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit
© 2024 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to