Application Security Engineer
Company: Lamwork
Location: Santa Clara
Posted on: November 6, 2024
Job Description:
APPLICATION SECURITY ENGINEER RESUME EXAMPLEUpdated: July 26,
2024 - The Application Security Engineer plays a crucial role in
ensuring the resilience and scalability of web applications,
advising on secure design principles, and addressing security
issues. Responsibilities include validating, tracking, and
prioritizing security issues, developing internal security tools,
and participating in security incident response. Additionally, they
contribute to security compliance efforts, evaluate new security
technologies, and promote a culture of security awareness across
development teams.Application Security Engineer Positions1.
Application Security Engineer, Intel Corporation, Santa Clara,
CAJob Summary:
- Define, plan and oversee security initiatives and
processes
- Lead, motivate, and inspire both your fellow Engineering
Organization to drive toward the SecOps vision
- Triage security issues found and allocate to the right
functions to address them
- Build and manage tooling to improve our security
- Implement security fixes on both infrastructure and
applications
- Build and manage strong relationships with Product and
Engineering leaders across the organization
- Build awareness and support for security to integrate SecOps
into the cultural fabric of the organization
- Collaborate with peers to creatively solve problems and drive
department-wide objectives
- Work closely with the InfoSec team to support internal and
external security audits, penetration testing, and certification
processes
- Stay up-to-date on current software development technologies
and security controls
- Embrace a culture of continuous service improvement and service
excellence
- Collaborate with engineering teams to provide feedback on
products and development environments.2. Application Security
Engineer, Dropbox, San Francisco, CAJob Summary:
- Partner with engineering and product teams in the design phase
of products and features
- Perform threat modeling and security architecture and design
reviews
- Conduct ongoing network and application penetration
testing
- Track vulnerabilities and partner with engineering and product
to remediate vulnerabilities according to Mosaic policies
- Lead security projects including the implementation and
configuration of security tools and automation for ongoing
testing
- Deliver security training to internal development teams
- Evaluate data management, data quality, and data access
processes for gaps, inefficiencies, and opportunities
- Work and remediate bugs with affected application and
infrastructure teams
- Advise and consult internal customers on risk assessment,
incident triage, threat modeling, and security vulnerability
mitigation
- Mentor developers on evolving threats to their applications and
help ensure state-of-the-art secure development practices are being
used
- Perform code reviews of security-critical code
- Research and analyze potential new threats, attack vectors, and
risks and identify mitigation efforts3. Application Security
Engineer, Stripe, San Francisco, CAJob Summary:
- Conduct application security reviews for our services and
applications
- Perform penetration testing for critical services and
applications
- Perform security code reviews for critical changes during the
development phase
- Deliver security training and outreach to internal development
teams
- Develop security best practices documentation for internal
security applications
- Develop automation to streamline common tasks, tests,
workflows, etc.
- Train and mentor DevOps and Developer teams on application
security best practices
- Actively promote security culture and education within the
organization
- Build tools to automate security checks across products and IT
workflows
- Perform security testing for new and existing features across
web, mobile, and desktop products
- Enumerate security risks and controls to mitigate them
- Research new technologies and present security best practices
to product teams
- Guide teams on adoption and execution of a Secure Product Life
Cycle4. Application Security Engineer, McAfee, Santa Clara, CAJob
Summary:
- Participate in building better, more robust, and automated
processes for the Technology Services department
- Occasionally serve as Tier 2 support for security tools support
and troubleshooting
- Become a subject matter expert on company systems to enhance
and mature the capabilities that the Information Security team has
in the environment
- Front line support for the Information Security intake
process
- Participate in providing best-in-class security recommendations
in conjunction with Security Architecture
- Risk ranking information security risks and triaging tasks
- Participate in the Company's project life cycle business
process for escalation to security architecture
- Participate in the Company's Security program vulnerability
management program
- Security tool evaluation, recommendation, and maintenance
- Develop and optimize the security tools used throughout the
platform infrastructure and contribute to the overall security
strategy across the organization5. Application Security Engineer,
Zoom Video Communications, San Jose, CAJob Summary:
- Help build robust and scalable web applications
- Advise on the secure design of applications and services and
participate in threat modeling
- Validate, track, and prioritize security issues
- Design and build internal security tools that help fix security
problems
- Participate in security incident response and help improve SIEM
tools
- Provide subject matter expertise on cloud security,
application-level security controls, and safe programming
practices
- Promote security knowledge across development teams and inspire
security champions
- Identify security issues and risks, and develop mitigation
plans
- Design, implement, support, and evaluate security-focused tools
and services including project leadership
- Develop and interpret security policies and procedures
- Participate in security compliance efforts
- Develop and deliver recommended new and emergency security
products and technologies6. Application Security Engineer, VMware,
Palo Alto, CAJob Summary:
- Architect, design, and implement security controls for
maintaining a secure ecosystem built in alignment with a zero-trust
architecture
- Stay current with solutions in the market, recommend
improvements and solutions to existing posture
- Assist with the documentation and maintenance of designs for
security systems and controls
- Assist in incident response, breach analysis, and tabletop
exercises
- Work closely with product development, platform, and IT teams
on various architectural and design aspects of product and internal
security
- Maintain strong knowledge of ongoing security threats and
recommended best practices
- Conduct security readiness assessments, application pen tests,
and analysis of findings
- Collaborate with compliance and technology teams to build
actionable functional and technical requirements
- Be responsible for the development of documentation (written
and video) for AppSec products used within the organization
- Work with teams to identify and close gaps in application
security applications and their products
- Help to establish and communicate best practices involving
implementation of technologies and AppSec solutions
- Work with multiple diverse teams spread throughout the world7.
Application Security Engineer, Slack Technologies, San Francisco,
CAJob Summary:
- Work with the security team to ensure the security of in-house
developed applications and COTS systems
- Perform analysis, investigation, and remediation of
applications and systems partnering with vendors
- Ensure superior OS hardening and other security configuration
best practices
- Provide security assistance to the security and infrastructure
team on projects and system architecture
- Perform behavioral analysis and review of application logs,
alerts, and other security information to detect potentially
malicious events
- Manage InfoSec development, testing, and QA functions to ensure
that projects are securely delivered and fulfill security
requirements
- Evaluate, test, and recommend new application and coding
security techniques and strategies
- Evaluate and recommend new and emerging security products and
technologies
- Oversee the code vulnerability scans and applications patching
process
- Review vendor or third-party security processes
- Review and recommend Cloud and SaaS solutions from an API
security perspective8. Application Security Engineer, Citrix
Systems, Fort Lauderdale, FLJob Summary:
- Participate in security design discussions, providing technical
engineering and operational guidance to developers and internal
customers
- Complete review and improvements for security standards,
preferred implementation patterns, secure common frameworks, and
developer documentation and education materials
- Provide advice on recommended remediations and educate
developers on how to build more secure software
- Identify emerging trends in the industry and establish
strategic guidance related to best practice approaches to address
those trends
- Define and embed technical security policies, principles, and
standards
- Use code analysis solutions to evolve the secure-by-design
principle
- Develop, maintain, and automate security tools for secure SDLC,
including ongoing developer training
- Maintain good practices around code repos (like Git),
identifying and remediating weaknesses in Open Source
libraries
- Provide advice to development teams on all aspects of security
within the development lifecycle
- Proactively identify vulnerabilities, provide solutions, and
drive remediation
- Work closely with platform teams to build centralized security
reporting dashboards
- Automate the identification and remediation of security issues
across Cloud services9. Application Security Engineer, Dell
Technologies, Round Rock, TXJob Summary:
- Develop relationships across internal product, engineering, and
technical organizations
- Stay up to date with the latest vulnerabilities, exploits,
security trends, and general changes in technology to provide
guidance on how these affect the security of business
- Threat modeling, architecture, and design reviews on services
and applications as required
- Help other departments to build security into their
workflow
- Mentor and cross-train other Security Engineers across the
division
- Evaluate and promote new and existing security standards,
solutions, and tools
- Implement technical solutions in line with the cybersecurity
strategic plans
- Analyze threats and vulnerabilities to determine security
impact
- Assess the security of core platform infrastructure
- Build technologies to detect and prevent security
vulnerabilities
- Help development teams build security into the Workday platform
by performing threat modeling, architecture reviews, and code
reviews
- Provide recommendations for hardening applications and
environments10. Application Security Engineer, Atlassian, Mountain
View, CAJob Summary:
- Facilitate efforts in Engineering Teams to perform and maintain
threat models and provide coaching and guidance to Engineers
- Use knowledge of common risks and vulnerabilities to guide
Engineering teams in building products
- Use and maintain security tooling and processes, such as
DAST/SAST tools and vulnerability reporting
- Deploy and automate AWS security features such as IAM rules,
AWS Config, roles, etc.
- Confirm vulnerabilities in reports such as responsible
disclosures
- Promote and champion a culture of Application Security among
teams
- Facilitate and participate in incident response efforts
- Record and communicate vulnerability findings and keep records
up to date
- Work with application development teams to provide guidance on
best practices for secure application development across a variety
of languages and frameworks
- Triage incoming bug reports from the information security team
and the security research community11. Application Security
Engineer, DocuSign, San Francisco, CAJob Summary:
- Partner with software engineers, DBAs, and QA engineers to
ensure adequate security processes and tools are in place
- Mitigate identified risks to an acceptable level to meet
business objectives and regulatory requirements
- Provide security advice to development and testing teams
- Provide expert-level guidance during internal and external
application security assessments
- Identify, recreate, and remediate security defects
- Provide training for development and QA teams on implementing
security into their existing practices
- Help to develop a security mindset among the engineering
teams
- Implement and execute an application-level threat modeling
program for the enterprise
- Prioritize and track security issues and work with necessary
teams to ensure remediation
- Serve as a leader by promoting security awareness and mentoring
team members
#J-18808-Ljbffr
Keywords: Lamwork, Merced , Application Security Engineer, Engineering , Santa Clara, California
Didn't find what you're looking for? Search again!
Loading more jobs...