Information on job openings is provided as a courtesy in the spirit of information sharing within the information security community. Metro Atlanta ISSA does not take responsibility for content in the postings and is not involved in the hiring process.
If you are aware of job openings and would like to share them here, please send an email to:  job_postings@gaissa.org

Application Security Engineer (Senior & Associate Level)

4 openings

HuntSource, a technology placement firm specializing in Cyber Security, is partnering with a Fortune 100 company to help scale their AppSec team.  With four new openings, this is an exciting opportunity for qualified candidates at all levels to get their foot in the door with a talented, diverse, and collaborative AppSec group.   

Our client is considering experienced Application Security Engineers who have led or participated in code reviews, completed threat modeling, and have assessed findings from AppSec tools.  In this role, you will perform static analysis / assessments of the applications with and without scanners.

Our client is based in Atlanta and are currently considering local and non-local candidates who can effectively work remotely.  Base salary range depending on experience ($110,000 to $175,000 plus bonus) 

Requirements for an Application Security Engineer:

  • Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security

  • Hands on experience in Threat Modeling, SAST, DAST, and Web application security including OWASP 10 and SANS 25

  • Preferred OOP Languages – Java a must, C, C++ (C++/CLI), C, Python would be OK

  • Static Application Security Testing (SAST) experience necessary - Experience with at least one Static Analysis tools (e.g. Fortify, Veracode, Checkmarx)

  • Dynamic Application Security Testing (DAST) helpful

  • Conducting secure code reviews 

  • Methodologies / Ideal Certifications – OWASP Top 10, SANS 25, CSSLP, GSSP – Java, GWEB, CEH

If you or anyone you know is interested in learning more, please reach out to Greg – gaitken@huntsource.io 

Position: Security Engineer, Application Security / Red Team

If interested; please contact John Leibforth at the bottom of this thread:

 

 

Position: Security Engineer, Application Security / Red Team

Salary: 160-170 K Per annual + equity and Bonus

Location: Remote

Client Type: FinTech

To succeed in this role, you will:

 

  1. Have extreme attention to detail without sacrificing execution rigor

  2. Bias towards action and own tasks end-to-end

  3. Work through hurdles and tactfully navigate the organization driving towards the objective

  4. Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way

  5. Be thoughtful and analytical - ask why and challenge preconceived notions

  6. Ability to work independently with minimal supervision

  7. Own the company’s problems like they are your own

  8. Obsessive drive and passion for security and building products people use

 

Requirements:

 

  1. Working knowledge of NIST, ISO, OWASP and similar frameworks

  2. Knowledge of current threats and vulnerabilities found in financial services and crypto industries

  3. Comfortable with Git, Jira, Jenkins or similar tools

  4. Knowledgeable in scripting languages including but not limited to Python and Bash. Elixir is a plus

  5. Solid experience in threat modeling and identification techniques

  6. Ability to work with developers to resolve security issues

  7. Experience in code reviews, vulnerability detection, and root cause analysis

  8. Background in software development, software quality assurance, or similar engineering roles

  9. History working with or on security operations, security engineering, or incident response teams

  10. Hands-on experience implementing and managing static code analysis solutions such as Veracode’s SourceClear

  11. Experience using and/or managing HackerOne or similar bug bounty programs – experience only as a hacker on these platforms is sufficient

 

If you're open to chatting or know of someone in your network, I'd welcome a conversation. Feel free to reach out! Please send your most updated resume as this will make our conversation more relevant

John Robert Leibforth Jr.
Senior Information Technology Recruiter - Cyber Security
720.441.1154
John.Leibforth@hays.com

https://www.linkedin.com/in/john-leibforth-hays/

 2020 by GAISSA

  • LinkedIn Social Icon