[Remote] Application Security Engineer (Remote in the U.S.)
Note: The job is a remote job and is open to candidates in USA. GuidePoint Security is a rapidly growing cybersecurity company that provides trusted expertise and solutions to help organizations minimize risk. They are seeking an Application Security Engineer to run security tools, collaborate with developers on secure design, and manage application security tooling. This position allows for 100% remote work within the U.S.ResponsibilitiesRun client SAST, DAST, and SCA tools, review outputs and provide recommendationsImplement integrations for tools into pipelines, ticketing systems, etcCollaborate with developers to provide secure design guidance and remediation strategiesFamiliarity with CI/CD systems (i.e. GitHub) and integrating software security tools into the development workflowStrong understanding of web application security principles and best practicesManage, maintain and operate application security tooling, including configuration, tuning, and automationSkillsBachelor's degree in Computer Science, Information Systems or Information Security, and 4 years progressive baccalaureate experience as a security engineer, security analyst or related position working in Application SecurityMust have 2 years of experience with each of the following: Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azure Dev Ops, Jenkins, Bamboo, etc.)Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning toolsInformation Systems architecture, security control design, and development experienceManual testing tools such as Burp Suite ProKnowledge of and experience with SAST/DAST/SCA Application Security tools (Invicti (DAST) or Checkmarx (SAST/SCA)Experience with the integration of tools into development pipelinesExperience understanding and mitigating Application Security related vulnerabilitiesExperience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C#BenefitsRemote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans12 corporate holidays and a Flexible Time Off (FTO) programHealthy mobile phone and home internet allowanceEligibility for retirement plan after 2 months at open enrollmentPet Benefit OptionCompany OverviewGuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations minimize risk. It was founded in 2011, and is headquartered in Reston, Virginia, USA, with a workforce of 1001-5000 employees. Its website is https://www.guidepointsecurity.com/.