Remote Application Security Engineer, Fellow

2558 IT & Software Developer jobs in the US

Company Size

5k+

Company Type

Product

Exp Level

Junior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- 3-5 years of experience in manual penetration testing for web and mobile applications - Proven ability to identify, research, and assess current vulnerabilities and offer remediation and configuration advice - Skill in collaborating with stakeholders to formulate remediation strategies - Excellent interpersonal skills to engage with personnel at various levels across the organization - Strong customer-oriented approach with the capacity to manage expectations for a superior client experience - Capability to work autonomously at an advanced technical level - Proficient in producing comprehensive, well-structured reports detailing vulnerabilities and risks along with specific remediation instructions - Familiarity with cloud technologies and environments (AWS, Azure, Google) - Deep understanding of application, network, infrastructure, and data security architecture at an enterprise level - Exceptional analytical skills for managing multiple projects efficiently under tight deadlines - Ability to perform well under pressure and handle competing priorities - Knowledge of web application frameworks, deployment technologies, and security software - Proficiency in scripting for the creation of custom scripts aimed at identifying and exploiting vulnerabilities - Strong writing skills to develop detailed reports for stakeholders at all levels - Experience with manual secure code review - Familiarity with GitLab Ultimate CI/CD technology and application security workflows - Relevant certifications such as GPEN, OSCP, CISSP, GWAPT, CEH, OffSec or similar - Experience with programming or scripting languages like Python, JavaScript, PowerShell, shell script, Ruby, PHP, LUA, etc. - Bachelors degree in Information Technology or Computer Science or equivalent experience - Passion for information security and commitment to service excellence - Adaptability to new situations and eagerness to stay updated on AppSec trends, threats, and risks - Experience with coding relevant to JavaScript or API.

Technologies

CI/CD

DevSecOps

GitLab

Responsibilities

- Spearhead the development of an effective API Security program - Collaborate with key stakeholders from gateway and cloud teams to create a comprehensive inventory of APIs, endpoints, and routes - Enhance existing AppSec processes to incorporate technical controls for ensuring compliance and governance across the API ecosystem - Conduct penetration testing on products and systems, including web applications, web services, and mobile devices - Partner closely with engineering to design, test, and maintain AppSec processes - Work together with the DevSecOps team to implement, sustain, and enhance shift-left scanning practices - Coordinate the services of external vendors for penetration testing in conjunction with internal development teams - Collaborate with stakeholders to create strategies for remediation - Demonstrate hands-on exploitation of identified security flaws - Improve and refine processes to automate the reporting of application security metrics - Evaluate security scan results, addressing false positives and assisting developers with remediation - Act as a subject matter expert in application security across all domains - Engage in threat modeling exercises - Communicate vulnerability details, risks, and potential impacts effectively to application owners, developers, and stakeholders - Mentor junior team members and interns - Design, implement, and support security-focused tools and services - Develop tools aimed at enhancing security testing, reporting, and monitoring - Perform other duties as necessary.

Description

At Ally Financial, we believe our success is deeply tied to the well-being of our team members. We prioritize the health, safety, and development of our employees, offering a supportive environment that values work-life balance and inclusivity. Our organization provides generous benefits and various employee resource groups that promote professional growth and personal aspirations. Here, you will find a blend of a dynamic startup atmosphere with the stability of an established company, working alongside a dedicated team committed to leveraging technology to enhance customer experiences. This position is part of our commitment to fostering innovation and collaboration, all while being adaptable in our ever-evolving industry landscape.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the USSecurity Engineer jobs in the USRemote Security Engineer jobs

You can find Cyber Security Engineer salaries in the United States here.

How many Cyber Security Engineer jobs are in the United States?

Currently, there are 2558 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the US a good place for Cyber Security Engineers?

The US is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the United States?

Jump, Sched LLC, D3 Security Management Systems, Airia Brands Inc, Snaplii, PosiTrace, DataAnnotation among others, are currently hiring for Security roles in the United States.

The company with most openings is Jobot as they are hiring for 86 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.