Application Security Engineer

What You Will Work On

• Collaborate with internal teams to define the scope of application security testing activities, including the number and types of applications to be tested, and the testing methodology.
• Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities in application code and weaknesses in secure coding practices.
• Use test results to create reports that detail discovered security issues, assess risk levels, and provide actionable recommendations.
• Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts to the application environment.
• Communicate findings, risks, conclusions, and recommendations to stakeholders.
• Consider the impact your testing will have on the business and its users.
• Clearly articulate and convey the potential business or operational impact of unaddressed security vulnerabilities.

Who We Are Looking For

• 3-5 years of proven experience in application security testing, including Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Open Source Security (OSS) testing, Software Composition Analysis (SCA)
• Bachelor’s Degree, ideally in a technically related field (Computer Science, Information Technology, Software Engineering), or equivalent work experience
• Relevant certifications: EC-Council Certified Application Security Engineer (C|ASE), GIAC Certified Web Application Defender (GWEB), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP)
• Experience testing web applications for OWASP Top Ten security vulnerabilities
• A thorough understanding of the Software Development Life Cycle (SDLC)
• Experience in promoting and implementing secure coding practices, and providing training and education to development teams on secure development practices
• Strong verbal and written communication skills with the ability to clearly articulate technical concepts to both technical and non-technical audiences
• Attention to detail, to plan and execute tests that meet all requirements
• Ability to prioritize tasks and manage time effectively to meet deadlines
• Ethical integrity to be trusted with a high level of confidential information
• Ability to collaborate with team members and share knowledge
• Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done
• Ability to understand the business implications of identified weaknesses
• Commitment to continuously update your technical knowledge base

What You Can Expect

• Competitive compensation and immediate contribution!
• Inclusive benefits package offerings 401k plans and customizable benefits including dental, vision, medical, etc. for you and your dependents. 
• An innovative culture that understands the importance of quality of work over quantity.
• Company-supported and employee-driven ambassador groups that promote diversity, working on a hybrid schedule and philanthropy.
• Learning and development programs to help advance your career and personal growth.

What We Value

• Wherever it leads, Whatever it takes! We believe in making the impossible possible!
• Thrive personally, grow professionally―be happy!
• Innovate, learn, lead- Knowledge and growth  is never ending!
• We believe in hiring nice people because anything is possible when you have the team's support.   
• Improving the lives around us- A smile could change the entire world.
• Be the most trusted, respected, and loved real estate valuation company in the world.