Secure Code Review Jobs in New York (NOW HIRING)

Senior Application Security Engineer

Manhattan, NY · On-site

$126K - $173K/yr

Senior Security Engineer - Secure Code Review 📍 New York, NY 🏢 On-site | Full-Time My client is seeking a Senior Security Engineer to join their Application Security practice. This role is ...

Lead AI AppSec Engineer

New York, NY

$64.25 - $86/hr

Conduct secure code reviews and support vulnerability remediation * Integrate and operate security tooling such as SAST, DAST, and SCA within CI/CD pipelines * Help define guardrails, monitoring, and ...

This position is accountable for application-specific security controls, threat modeling, security architecture reviews, secure code practices, and security testing coordination. Responsible for ...

Responsibilities : • Cultivates security culture across product, technology, and business teams by embedding threat modeling, security architecture reviews, and secure code practices, ensuring ...

Lead secure design reviews, threat modeling, code review, and penetration testing for high-risk products such as crypto custody, trading systems, and payments * Build and ship code: design and build ...

Sr. Application Security Engineer

Montvale, NJ · On-site

$61.50 - $82/hr

... • Secure code review experience using automated toolsets • Software Engineering career experience • Following Certifications: CISSP, CEH, GWAPT, GPEN, OSCP • Thorough understanding of ...

Secure Code Review information

What is secure code review?

Secure code review is the process of systematically examining application source code to identify and remediate security vulnerabilities before software is released. This review can be performed manually or with automated tools, focusing on areas where coding errors could lead to security risks such as injection attacks, data leaks, or authentication flaws. The goal is to ensure that the code adheres to secure coding standards and best practices, ultimately reducing the risk of exploitation by malicious actors.
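As an added illustration of what a reviewer is looking for in that definition (example code written for this page, not taken from any listing or product above): a login check that formats user input straight into the SQL string, beside the parameterised form the review would ask the developer to ship instead. The table, the credentials and the payload are constructed for the demo.

```python
import sqlite3

# Constructed sample data for the demo; not from any real system.
USERS = [("alice", "correct horse battery staple")]


def build_db() -> sqlite3.Connection:
    """In-memory database seeded with the constructed user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Review finding: untrusted input is formatted into the SQL text (SQL injection, CWE-89).
    A password of  ' OR '1'='1  turns the WHERE clause into a tautology."""
    query = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    return conn.execute(query).fetchone() is not None


def login_fixed(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Remediation: bound parameters. The driver passes values separately from the
    statement, so quote characters in the input remain data, never SQL syntax."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def demo() -> dict:
    """Run the legitimate login and the injection payload against both versions."""
    conn = build_db()
    payload = "' OR '1'='1"
    return {
        "vuln_legit": login_vulnerable(conn, "alice", "correct horse battery staple"),
        "vuln_attack": login_vulnerable(conn, "alice", payload),   # True: authentication bypassed
        "fixed_legit": login_fixed(conn, "alice", "correct horse battery staple"),
        "fixed_attack": login_fixed(conn, "alice", payload),       # False: payload is just a wrong password
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'login accepted' if ok else 'login rejected'}")
```

The same review would raise the plaintext password column as a second finding; it is left as-is here only to keep the injection point isolated.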

What are the key skills and qualifications needed to thrive as a Secure Code Reviewer, and why are they important?

To thrive as a Secure Code Reviewer, you need a solid understanding of secure coding practices, programming languages (such as Java, Python, or C++), and common software vulnerabilities, often supported by relevant security certifications like CISSP or CSSLP. Familiarity with automated code analysis tools, static application security testing (SAST) platforms, and bug tracking systems is typically required. Strong analytical thinking, attention to detail, and clear communication skills set outstanding reviewers apart. These abilities are crucial for identifying, explaining, and mitigating security risks in code, ensuring robust application security.

What are some common challenges faced by professionals performing secure code reviews, and how can they be addressed?

Secure code reviewers often encounter challenges such as keeping up with evolving security threats, identifying subtle vulnerabilities in complex codebases, and maintaining effective communication with development teams. To address these, reviewers should stay updated on the latest security trends, use automated tools to assist in identifying potential issues, and foster collaborative relationships with developers to ensure that findings are understood and remediated effectively. Regular training, participating in security communities, and integrating secure code review into the software development lifecycle can also help overcome these challenges.

What is the difference between Secure Code Review vs Static Application Security Testing (SAST)?

Aspect | Secure Code Review | Static Application Security Testing (SAST)
Credentials | Knowledge of secure coding, programming languages, security standards | Security testing tools, programming knowledge, security certifications
Work Environment | Manual review, developer collaboration, code analysis | Automated scanning, integration with CI/CD pipelines
Industry Usage | Development teams, security analysts, code audits | Security teams, QA, DevOps, automated security testing

Secure code review is the manual or semi-automated analysis of source code for security flaws, done in collaboration with developers; it is where authorization gaps, business-logic errors and misuse of cryptography are usually found, because those depend on intent that the code does not state. SAST uses automated tools to scan code for known vulnerability patterns during development, so it can run on every commit and scale across a codebase, but it reports false positives that need triage and misses flaws that do not match a pattern. Both aim to improve code security but differ in approach: one is manual and detailed, the other automated and scalable. In practice SAST output is an input to the review, not a replacement for it.

Application Security Code Review - SAC (Security Code Review)

Futran Tech Solutions Pvt. Ltd.

Florham Park, NJ • On-site

$61.50 - $82.25/hr

Full-time

Posted 11 days ago


Job description

Application Security Code Review - SAC
  • A strong understanding of the secure development life cycle, application security frameworks and relevant regulatory requirements.
  • Preferred background in software development; exposure to the banking/financial services domain is a plus.
  • Highly proficient with development languages including Java, .NET, PL/SQL and scripting languages.
  • Perform code review across a variety of programming languages, understand the security issues found, and interact with development teams to explain the risks.
  • Use automated and manual code review techniques to identify application security vulnerabilities.
  • Document vulnerabilities and collaborate with the application team, providing code snippets to remediate the findings.
  • Good understanding of the frameworks and cleanser (sanitizer) functions that the scanning tool supports.
  • Good understanding of core security mechanisms, crypto libraries and server-side security.
  • Experience with tools such as HP Fortify, IBM AppScan Source and Veracode.
  • Experience with Continuous Integration / Testing / Delivery.
  • Any security certification is a plus; CEH, CISSP or CSSLP preferred.