Senior Application Security Engineer
Apply NowCompany: Saxon Global
Location: Maine, NY 13802
Description:
MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered.
12 years of experience in application security, with a proven track record of conducting vulnerability assessments, penetration testing, and secure code reviews.
Extensive experience in secure application development, including knowledge of security frameworks like OWASP Top 10, and the ability to guide development teams in implementing secure coding practices.
Proficiency in Software Composition Analysis (SCA) tools (e.g., Veracode, AppSec) for identifying and managing vulnerabilities in open-source libraries and third-party components.
Advanced knowledge of static and dynamic application security testing (SAST/DAST) tools (e.g., Veracode, AppSec, Burp Suite) and integrating these tools into CI/CD pipelines for automated security checks.
Strong cloud security expertise, including securing applications and workloads on AWS, Azure, or GCP, and experience with Web Application Firewalls (WAF) and cloud-native security services.
Note: Candidates who do not have the mandatory skills will not be considered.
12 years of experience in application security, with a proven track record of conducting vulnerability assessments, penetration testing, and secure code reviews.
Extensive experience in secure application development, including knowledge of security frameworks like OWASP Top 10, and the ability to guide development teams in implementing secure coding practices.
Proficiency in Software Composition Analysis (SCA) tools (e.g., Veracode, AppSec) for identifying and managing vulnerabilities in open-source libraries and third-party components.
Advanced knowledge of static and dynamic application security testing (SAST/DAST) tools (e.g., Veracode, AppSec, Burp Suite) and integrating these tools into CI/CD pipelines for automated security checks.
Strong cloud security expertise, including securing applications and workloads on AWS, Azure, or GCP, and experience with Web Application Firewalls (WAF) and cloud-native security services.