1585 IT & Software Developer jobs in the US
Application Security Engineer - DevSecOps
$110,000 - 130,000
Ryder System
State Street, Boston
$110,000 - 130,000
Requirements
Must:
- Bachelors degree in Computer Science, Information Security, or a related field
- Over five years of experience with OWASP, SAST, DAST, SCA, RASP, and common security tools
- A minimum of seven years in application security, security engineering, or software development
- Extensive knowledge of web application security and prevalent attack vectors (e.g., SQL injection, XSS, CSRF)
- Experience in secure coding practices, threat modeling, and secure software development lifecycle (SDLC) methodologies
- Proven track record in diagnosing, isolating, and resolving complex issues
- Familiarity with systems integration processes, methodologies, and tools
- Development and scripting expertise for at least seven years
- Background in API and Web Security
- Three years of experience with WAF or similar application security infrastructure is a plus
- Seven years or more experience in integrating security within CI/CD and DevOps environments
- Experience in process or operational management for six years or more
- Six years of experience in Value Stream Mapping, Continuous Flow, and Pull Replenishment process improvements
- Excellent verbal and written communication skills with the ability to engage effectively with cross-functional teams
- Capability to maintain professional relationships across all levels of the organization
- Flexibility to work independently or collaboratively within a team
- Strong multitasking abilities and impeccable time management skills
- Proficiency in at least one programming language (e.g., Python, .NET, Javascript) with .NET preferred
- Advanced proficiency in at least one scripting language (e.g., PowerShell, bash)
- In-depth understanding of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR, and other global regulations
- Expertise in CI/CD utilizing Azure DevOps, Terraform, or comparable automation technologies
- Knowledge in risk management findings, vulnerability prioritization, threat modeling, and mitigation strategies
- Preferred certifications include CISSP, OSCP, CASE, or equivalent industry-recognized credentials
Responsibilities
- Conduct security assessments of our applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies
- Collaborate closely with software development teams to embed security practices throughout the development lifecycle
- Evaluate security across web, mobile, and other applications and analyze findings to pinpoint vulnerabilities while providing remediation guidance
- Design and enact secure software development protocols, including threat modeling and secure coding standards
- Stay informed about security threats, trends, and technologies to recommend new security measures as required
- Lead application security investigations and deliver recommendations to reduce risk
- Maintain security documentation, serve as a subject matter expert, and collaborate on security policies, procedures, and standards
- Undertake additional duties as necessary as assigned
Description
We are looking for a passionate and seasoned Application Security Engineer to be part of our expanding security team. This technical role requires a deep understanding of application security, data privacy, and secure software development practices. Our ideal candidate will assess security across our organizations applications while collaborating with development teams to ensure that security measures are integrated effectively. We prioritize staying abreast of the latest security trends and technologies, which are woven into our overarching security strategy. This position offers competitive compensation in the range of $110,000 to $130,000, along with a comprehensive suite of benefits including health insurance, paid time off, and a 401(k) retirement plan. We pride ourselves on being an Equal Opportunity Employer committed to a diverse and inclusive workplace.
Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️
You can find Cyber Security Engineer salaries in the United States here.
How many Cyber Security Engineer jobs are in the United States?
Currently, there are 1585 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.
Is the US a good place for Cyber Security Engineers?
The US is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.
Which companies are hiring for Cyber Security Engineer jobs in the United States?
Sched LLC, Jump, Snaplii, Meitou Inc., Freedom Pet Supplies, Infoya Inc., GE Aerospace among others, are currently hiring for Security roles in the United States.
The company with most openings is Boeing as they are hiring for 66 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.
The company with most openings is Boeing as they are hiring for 66 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.