Application Security Engineer
Posting ID: JP-002134329
Our product is an application performance and security monitoring solution that provides real-time visibility and insight into applications and their environments. With our unique solution, you can take the right action at precisely the right time with automated anomaly detection, rapid root-cause analysis, and a unified view of your entire application ecosystem, including private and public clouds. With this solution, you’ll finally align IT, DevOps, Engineering, and the business around the information that helps you protect your bottom line and deliver magnificent customer experiences.
What You'll Do:
The Security Engineering team is responsible for our foundational security capabilities. At the summary level, this means assessing and then implementing and/or tuning the processes and tools supporting Application Security (especially Threat and Vulnerability Management for on-prem and SaaS product offerings), Cloud and Network Security (AWS and some Azure) and IT Security.
Who You'll Work With:
The Security Engineering team partners and works cross-functionally with peers across the Product and Engineering organization. This includes, but is not limited to teams such as - Product Reliability Engineering (PRE), Services Reliability Engineering (SRE), Technical Operations (TechOps), Build and Release Engineering (BARE), and IT. This also includes peer all groups within Information Security, with particular emphasis on Security Architecture and Product Security.
Additional Skills & Qualifications:
- Experience deploying, supporting and using tools such as Black Duck, Checkmarx, Tenable (Nessus, Container Security Center), Threadfix and Lacework.
- Triage application security vulnerabilities, assign to correct teams and assist with remediation.
- Knowledge of OWASP Top 10
- Comfortable using a CVSS calculator to generate CVSS scores for customer and pen test reported vulnerabilities.
- Manual and semi-automated triage of vulnerabilities until better auto-triage in place.
- Security Policy writing experience a plus.
Amazing begins here. EASi is a leading global services company specializing in engineering and sciences. For more than 35 years, EASi has delivered critical services across a range of industries, including energy and utilities, transportation, heavy equipment, consumer and industrial products, medical devices, pharmaceutical and biotechnology, as well as academic and health care research. By adapting to the constantly evolving needs of our customers, we have built specialized expertise and a multidisciplinary perspective - leveraging cutting-edge technology and processes - to constantly improve and innovate. Through EASi's flexible solutions and consultative approach, customers in engineering and sciences can expect unparalleled quality, increased speed to market and collaborative customer engagement services.
Headquartered in Hanover, Maryland, EASi has 3,700 dedicated employees across North America, Europe and Asia. EASi is an Aerotek company, a leader in the recruiting and staffing industry. Aerotek is an operating company of Allegis Group® Inc., a global leader in talent solutions. To learn more about EASi, visit EASi.com.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Recruiter: Jean Chambers
Phone: (410) 579-3072