Application Security Engineer

The Application Security Engineer will interface with the Business Group information security and application leaders to provide timely security assessments, reporting, guidance and assist with remediation.

Required Experience:

4

+ Years
Job Locations:

St. Louis, MO

Location Restrictions:

Onsite

Basic Qualifications and

The Application Security Engineer will be responsible for leading and managing existing Threat and Vulnerability Management (TVM) security service components which includes the following: Web and Mobile application security testing, enabling Web Application Firewall (WAF), performing analysis and driving remediation of external perimeter security gaps and weaknesses. In addition, this position will be responsible for reviewing and enforcing security requirements into projects and the Software Development Lifecycle (SDLC).  Finally, the Application Security Engineer will also support vulnerability response by responding to various security vulnerabilities by identifying the vulnerability, determining the scope, impact and course of action to remediate.    

Responsibilities
  • Manage, coordinate and execute web and mobile application security assessments utilizing existing tools such as Whitehat.
  • Manage and drive remediation of perimeter security findings and vulnerabilities utilizing tools such as Bitsight and Security Scorecard to maintain a superior digital hygiene score.
  • Assist with vulnerability response by performing analysis, determining Enterprise scope, impact and remediation of identified ad hoc vulnerabilities.
  • Perform firewall rule and port request analysis, review and coordination.
  • Perform application analysis, and define WAF Policies to mitigate application exploits
  • Support reviewing and enforcing security requirements with projects and the Software Development Lifecycle (SDLC)
  • Document standards and best practices for common web applications and infrastructure.
  • Assist in the continuous development and improvement of methodologies and processes for TVM service components.
  • Help deliver new security services to support our customers
  • Provide detailed communication, guidance and remediation support for our worldwide customers
  • Deliver detailed presentations and reports to management teams
  • Coordinate with various security vendors to support Threat and Vulnerability Management services consisting of web, mobile, penetration testing, vulnerability scanning and threat response
  • Develop and provide vulnerability reporting to customers and assist in remediation
  • Review and maintenance of service documentation
  • Track and manage vulnerabilities and remediation
  • Assist with application security standards and policy documentation
  • Assist in application security training and awareness
  • Assist in scoping of application security engagements

Required Skills and Experience
  • A Bachelor's degree in Computer Science or related field is required
  • Excellent leadership, organization, analytical, verbal and written communication skills are essential
  • Strong customer service skills
  • Ability to rapidly grasp and apply new concepts and technologies
  • Intermediate networking knowledge
  • Intermediate Web, Mobile, Vulnerability scanning technology knowledge
  • Working knowledge of software vulnerabilities (i.e., SQL Injection, XSS, buffer overflows)
  • Familiar with Web Application Firewall technologies such as F5 ASM
  • Strong self-tasking skills
  • Experienced in Network, Web and Mobile vulnerabilities, ethical hacking, as well as familiarity with Web and Mobile application technology implementation and software
  • Familiarity with enterprise vulnerability scanners
  • Ability to test a variety of projects simultaneously and to learn about new tools and application security testing methodologies in a team-orientated environment

Interested in this position?
Fill out the form below!