Senior Application Security Engineer

This is a 6-12 month contract role that can become a full-time position.

One of InterEx's key clients within the Fuel & Energy industry is looking for a Senior Application Security Engineer. With over 15,000+ employees and over $49 billion in annual revenue this organization is one of the globe's most renowned fuel and energy organizations.

Qualifications

• Experienced Information Security Engineer with proven ability to design, implement, and maintain security controls

• Three (3) years of experience in a technical IT or security role focused on application security

• Hands-on experience with SAST and DAST tools (e.g., Rapid7 insightAppSec, Qualys, SonarQube, Snyk)

• Strong knowledge of application security principles, practices, and techniques

• Familiarity with secure coding practices and well-known web application security vulnerabilities such as XSS, CSFR, etc

• Excellent understanding of vulnerability validation, reproduction, mitigation advice, and research skills

• Understanding of and practical experience with the design, implementation, integration, and maintenance of security technologies such as endpoint security, vulnerability management, secure network architecture, security automation, SIEM, MFA, IAM, PAM, MDM, PKI, SPM, API management, NAC, authentication and authorization, encryption, DLP, and firewalls

• Ability to maintain strict confidentiality

• Excellent writing, organizational, interpersonal and communication skills

• Ability to think analytically and a high sense of urgency

• Ability to look at all situations objectively and a love for challenging assumptions

Responsibilities

• You will experience working in a high‐energy environment while assisting in decreasing risk and protecting client data

• Design, implement, integrate, monitor, and maintain a variety of Security Technologies for the protection of the organization’s data, systems, and networks

• Lead vulnerability assessments on applications and systems by conducting regular scans, reviewing vulnerability data to prioritize and reclassify vulnerabilities, and communicating with other organizational units to implement a mitigation strategy in accordance with established standards

• Identify, define, and communicate technical security requirements and guidelines for new initiatives

• Stay up to date with the latest security trends, threats, and recommend mitigation strategies

• Work with compliance and technical teams to remediate deficiencies found during assessments, audits, or examinations

• Assist in the generation and collection of metrics and other information for senior management

• Participate in Incident Response

• Participate in an on-call support rotation