Job description

Job#: 3008429 Job Description: JOB OBJECTIVE: We are seeking a highly skilled Application Security Engineer to join our security team. The ideal candidate will be responsible for ensuring the security of our applications, conducting security assessments, and implementing best security practices throughout the software development lifecycle (SDLC). You will work closely with development, DevOps, and IT teams to identify, assess, and mitigate security vulnerabilities, ensuring that our applications are resilient against modern cyber threats. DUTIES AND TASKS: Conduct application security assessments, including threat modeling, static and dynamic code analysis, and penetration testing. Identify and remediate security vulnerabilities in web, mobile, and cloud-based applications. Work with development teams to integrate security best practices into the SDLC, including secure coding guidelines, security testing, and automated security tools. Implement and manage security tools such as SAST, DAST, SCA, and WAF. Perform security code reviews and collaborate with developers to remediate security flaws. Stay updated with the latest security threats, vulnerabilities, and industry best practices. Lead incident response efforts related to application security breaches and recommend mitigation strategies. Provide security training and awareness programs for development and engineering teams. Ensure compliance with industry standards and regulations such as OWASP, NIST, GDPR, and ISO 27001. Develop security policies, procedures, and guidelines related to application security. REQUIRED KNOWLEDGE, SKILLS AND ABILITIES (KSA's): Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field (or equivalent work experience). 3+ years of experience in application security, penetration testing, or software development with a security focus. Strong knowledge of web application security vulnerabilities and secure coding principles. Experience with security tools such as Burp Suite, OWASP ZAP, Checkmarx, Veracode, or Fortify. Hands-on experience with programming languages such as Java, Python, JavaScript, or C++. Familiarity with cloud security (AWS, Azure, or Google Cloud Platform) and container security best practices. Knowledge of authentication protocols, encryption, and identity & access management (IAM). Strong analytical and problem-solving skills with the ability to think like an attacker. Excellent communication skills with the ability to work collaboratively across teams. Preferred Qualifications: Relevant security certifications such as CISSP, OSCP, CEH, GWAPT, or CSSLP. Experience working in Agile and DevSecOps environments. Knowledge of API security and mobile application security. Familiarity with CI/CD security practices. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.

Requirements