Application Security Engineer

San Ramon, California, United States

WaveStrong

Founded in 2001, WaveStrong is an industry leader in enterprise and cloud information security. A data privacy consulting company providing a complete cyber security program trusted for over 18 years.

View all jobs at WaveStrong

Apply now Apply later

Founded in 2001, WaveStrong is an industry leader in enterprise and cloud information security consulting services. We pride ourselves on our best of breed security solutions and services that span a myriad of government, education and business verticals. Our staff is comprised of both certified technical and business professionals who can help you successfully navigate complexities of planning, design, implementation and management of securing data. Our approach is vendor agnostic giving our customers the freedom to choose the best customized security model for their business.

Requirements

We are looking for an Application Security Engineer with expertise in AppScan to join our cybersecurity team. The ideal candidate should have a strong experience in DAST and SAST including identifying and mitigating security vulnerabilities in applications throughout their lifecycle, and performing security assessments, penetration testing, and vulnerability management to identify and remediate security risks.

 

Job Description

  • 3 plus years of experience in Application Security
  • Proficiency in Application Security, with a particular emphasis on DAST, SAST, and penetration testing practices.
  • Perform regular security assessments, including static and dynamic code analysis and penetration testing, to identify vulnerabilities and recommend remediation strategies.
  • Proven experience using AppScan or similar security testing tools (e.g., Burp Suite, OWASP ZAP).
  • Ensure applications comply with industry standards and regulations such as OWASP Top Ten, PCI-DSS, and GDPR.
  • Hands-on experience with automating security testing within CI/CD pipelines.
  • Excellent problem-solving skills with the ability to conduct in-depth security analysis.
  • Strong communication and interpersonal skills for interacting with technical and non-technical stakeholders.
  • Develop and support integration and automation within security, monitoring, reporting, and ticketing platforms
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

Nice to Have:

  • Certifications such as CEH, OSCP, GWAPT, or CISSP.
  • Experience with cloud security in AWS, Azure, or Google Cloud.
  • Knowledge of API security, container security (e.g., Docker), and microservices.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: APIs Application security Automation AWS Azure Burp Suite CEH CI/CD CISSP Cloud Code analysis Computer Science DAST Docker GCP GDPR GWAPT Microservices Monitoring OSCP OWASP Pentesting SAST Security analysis Security assessment Vulnerabilities Vulnerability management

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.