Application Security Engineer (REMOTE)

Tech Talent Link

Apply Now

***We are unable to work with 3rd-party or corp-to-corp candidates for this position***

This position can be performed 100% remotely. 

Overview
Are you an Application Security Engineer, looking for a mission-driven organization where you get to use technology to help people and make the world better?

My client will be hiring a candidate with a strong background in AppSec (instead of Systems Admin) and ideally Python development.  They are building a better healthcare experience for people with complex, chronic, and aging family members.

This position reports to the Director of Engineering and partners closely with the rest of the engineering team to scope and run projects to improve the security, scalability, and reliability of the platform.
In the first few months, you'll get to with the Core engineering team to set up what the testing framework and application infrastructure (greenfield).

The ideal candidates enjoys learning new technologies on a regular basis.
You care deeply about security, reliability, scalability, and delivery.
You don't like repetitive tasks so you look for ways to automate and introduce systems or tools to handle them.
You derive satisfaction not just from clean code and creative solutions but from working on a genuinely useful product that improves the lives of others.
You're proud of the code you write and the systems you design, and more importantly, the impact of your work.
You are comfortable running with a project on your own but enjoy collaborating with talented and thoughtful colleagues.
You realize life is short and that what you build and who you build it with matters.

Responsibilities:

  • Help secure and evolve the platform as the company rapidly grows
  • Be an advocate for best security and DevSecOps practices within the company
  • Define security requirements and implement controls such as SSO, logging/alerting, and RBAC for cloud and containerized infrastructure
  • Evaluate, design, and deploy security tools to support: CI/CD Pipelines, AWS deployments, cloud security guardrails, auto-remediation and prevention
  • Help developers identify and solve application security defects.
  • Lead threat modeling exercises of new and evolving technologies within our cloud and containerized environments
  • Improve the monitoring and security profile of the platform
  • Improve and expand application security quality across our entire portfolio of applications
  • Make a strong contribution to the company culture

Questions to consider:

  1. What testing tools have you used?
  2. Do you have experience Securing application infrastructure?
  3. Do you have experience anticipating security vulnerabilities?
  4. Do you have experience coaching Engineers on how to patch?

Qualifications :
AppSec Engineer with 4 years of experience supporting large scale web apps.
Well-versed in the OWASP top 10 and understand defensive coding techniques.
Experience with SAST, DAST, and OSS security tools, CI/CD pipelines
Deep experience with a variety of AWS services to establish a strong defense against future threats.
Python programming skills. 

Apply Now

  Apply with Google   Apply with Twitter
  Apply with Github   Apply with Linkedin   Apply with Indeed
  Stack Overflow