Location: Middletown,PA, USA
Job DescriptionA global electronic design and manufacturing company is seeking a highly skilled Application Security Engineer to join their enterprise Information Security organization. In this role, this individual will play a key role in traditional security engineering tasks and the development and implementation of a comprehensive Application Security (AppSec) programs. Including, but not limited to, code reviews, identifying vulnerabilities in LOB specific or and enterprise applications, creating security policies and procedures, and educating teams on secure coding practices. This is a full time, fully remote role (individual must be comfortable working EST hours) and is an immediate need.Additional Details:Application Security:o Design, develop, and implement a robust Application Security program.o Create and maintain application security policies, standards, and procedures.o Work with the relevant teams to better integrate security into their software development lifecycle (SDLC) processes.o Establish metrics and reporting mechanisms to track the effectiveness of the AppSec program.o Conduct regular security assessments including static and dynamic code analysis (Whitehat).o Perform penetration testing on applications and systems to identify and exploit vulnerabilities.o Collaborate with development teams to remediate identified security issues and vulnerabilities.o Become an expert on TEs various applications and their criticality to TE and our customers.Security Engineering:o Perform traditional Information Security Engineering tasks and responsibilities.o Develop a strong command of our security stack, including but not limited to SIEM(Devo), SOAR(Rapid7 and Devo), EDR/Container Security(Crowdstrike) and more.o Be involved in triaging and responding to potential security incidents, emerging threats and new vulnerabilities.o Provide security design reviews and consultations for new and existing projects.Secure Coding Practices:o Develop and deliver training programs on secure coding practices for development teams.o Stay up-to-date with the latest threats, vulnerabilities, and security trends to advise on best practices.o Assist in integrating security into continuous integration/continuous deployment (CI/CD) pipelines and establishing the Information Security Engineering team (ISE) as a Center of Excellence (COE) for AppSec.Incident Response and Management:o Participate in the incident response process, focusing on application-related security incidents.o Investigate and analyze security breaches and provide actionable recommendations to prevent recurrence.Collaboration and Communication:o Work closely with development, operations, and other IT teams to integrate security seamlessly into development and operational processes.o Act as a security advocate and advisor, fostering a culture of security awareness and best practices.Documentation and Reporting:o Maintain comprehensive documentation for all aspects of the AppSec program.o Prepare and deliver reports to stakeholders, summarizing findings, risks, and remediation efforts.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ...@insightglobal.com .To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: .Skills and Requirements5+ years of experience in application security and security engineeringExperience supporting, developing, and implementing application security programs, standards, and policiesStrong programming experience with Python (java, C#, Javascript are a plus)Understanding of API frameworks and API securityStrong experience working in a cloud environment (AWS preferred)Experience with automation tools and frameworks for security engineeringExposure to container security solutions (Docker, ECS, AKS, Fargate, etc.)Proven ability to work effectively with technical teams and functional, business partnersExcellent communication skills and experience working in a large enterprise environment - Experience with CI/CD pipeliningExperience with application/ infrastructure penetration testingExperience with SIEM and SOAR tools nullWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ...@insightglobal.com.