Application Security Engineer
Apply NowCompany: United Software Group, Inc.
Location: Halifax, NS B3H 1A1
Description:
Job Posting Title
Application Security Engineer - Code Scanning (VIT)
Description
Work location : Halifax, NS (Permanent remote)
Job specific activities:
- Creating the vulnerability items/incident tickets (vulnerability items/incident tickets) in ServiceNow.
- Open/Close the vulnerability items/incident tickets (VIT) to track and monitor the remediation effort and lifecycle of the issue.
The Application Security Engineer - Code Scanning participates in risk assessment during the Certification and Accreditation process. The Application Security Engineer - Code Scanning work assignments are varied and frequently require interpretation and independent determination of the appropriate courses of action.
The Application Security Engineer - Code Scanning designs, develops, implements, and integrates information assurance architecture, system, or system component for use within data center, network, and enclave environments. Understands own work area professional concepts/standards, regulations, strategies and operating standards. Makes decisions regarding own work approach/priorities, and follows direction. Work is managed and often guided by precedent and/or documented procedures/regulations/professional standards with some interpretation.
Verify the code repositories & build pipeline for the release (GIT & Azure) to ensure there are no vulnerable artifacts in place.
Analyze and verify the client software artifact to check for known security vulnerabilities and provide the fixes to application teams.
Provide support for system modification, development and optimization. Resolve ongoing development issues.
Continuous support to Application teams to resolve their build issues.
Skills:
Azure DevOps, CI/CD Pipelines, GIT, Kubernetes
Extensive experience with SAST, DAST, IAST, OWASP, Vulnerability management
Security tools: Cycode, CheckMarx
Application Security Engineer - Code Scanning (VIT)
Description
Work location : Halifax, NS (Permanent remote)
Job specific activities:
- Creating the vulnerability items/incident tickets (vulnerability items/incident tickets) in ServiceNow.
- Open/Close the vulnerability items/incident tickets (VIT) to track and monitor the remediation effort and lifecycle of the issue.
The Application Security Engineer - Code Scanning participates in risk assessment during the Certification and Accreditation process. The Application Security Engineer - Code Scanning work assignments are varied and frequently require interpretation and independent determination of the appropriate courses of action.
The Application Security Engineer - Code Scanning designs, develops, implements, and integrates information assurance architecture, system, or system component for use within data center, network, and enclave environments. Understands own work area professional concepts/standards, regulations, strategies and operating standards. Makes decisions regarding own work approach/priorities, and follows direction. Work is managed and often guided by precedent and/or documented procedures/regulations/professional standards with some interpretation.
Verify the code repositories & build pipeline for the release (GIT & Azure) to ensure there are no vulnerable artifacts in place.
Analyze and verify the client software artifact to check for known security vulnerabilities and provide the fixes to application teams.
Provide support for system modification, development and optimization. Resolve ongoing development issues.
Continuous support to Application teams to resolve their build issues.
Skills:
Azure DevOps, CI/CD Pipelines, GIT, Kubernetes
Extensive experience with SAST, DAST, IAST, OWASP, Vulnerability management
Security tools: Cycode, CheckMarx