Skip to Main Content

Sr. Application Security Engineer

Carlstadt, NJ
  • Expired: June 14, 2022. Applications are no longer accepted.

Sr. Application Security Engineer Position Summary Responsible for driving secure software development and testing practices with the goal of protecting commercial, internal, external applications, and data. This position will work very closely with the OSGs cybersecurity, application development, and operations teams conducting security testing, penetration testing, purple teaming, and breach/attack simulation.

Help OSG re-think what it means to be a secure services provider delivering capabilities in a fast-changing, highly competitive market. Reports to: VP, Information Security Responsibilities Perform penetration testing and secure code testing activities Provide tactical and strategic guidance and detailed remediation advice aimed at helping internal and external clients achieve strong security postures Consult with development teams and provide them with information about application security and secure development lifecycle processes Automate testing in a DevSecOps process (Static Application Security Testing - SAST, Dynamic Application Security Testing - DAST, and other technologies as necessary into the overall SSDLC process design Manage Real Time application protection software and web application firewalls to provide proactive prevention of known attacks Track and monitor current and trending practices in software engineering, DevOps and application security Assist with the development and operational aspects related to purple teaming and breach/attack simulation, advanced our capabilities to both detect and prevention known attacks while mapping those activities to the MITRE ATT&CK Framework Obtain and evolve technical expertise, certifications, and industry credentials through formal and informal training and other educational initiatives Assist various development teams build a well-defined SDLC process Basic Qualifications 5+ years of experience in application/network/web/mobile penetration testing and tooling, purple team, or application security engineering and architecture, preferably in a large and distributed operating environment BS degree in Computer Science, Engineering, or related field Experience with various application security, penetration testing, static code scanning and vulnerability assessment tools and technologies, such as Qualys, Metasploit, Acunetix, Veracode Demonstrated ability to connect and influence others in order to achieve organizational priorities Bachelor's degree or equivalent required Preferred Education Master's Degree in Computer Science, Engineering, or related field Certifications in one of more of the following: CISSP, CEH, OSCP, CEPT is strongly desired Benefits: 3 weeks of paid time off annually; 5 sick days Medical, dental, vision plans, employee assistance program, as well as life insurance and LTD plans Supplemental life insurance Voluntary accident and critical illness insurance, respectively Flexible Spending Account available 401k plan OSG offers equal employment opportunity and will not discriminate on the bases of race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors. RSROSG #LI-REMOTE



Carlstadt, NJ



View all jobs at OSG