Skip to content
mimi
All jobs · Security Engineer jobs

AppSec Engineer

Unisys

Rockville · Hybrid Full-time Senior 2w ago
Apply with a tailored resume Save job

About the role

About

This role involves in evaluating security vulnerabilities, security tools, implementing security solutions, and leveraging latest solutions to secure code review capabilities.

Responsibilities

  • Plan, coordinate and implement application security practices in each phase of software development life cycle though testing, remediation support, tool evaluation, etc.
  • Perform security assessments and manual penetration testing using tools such as Burp Suite and other proxy tools.
  • Triage static (SAST), dynamic (DAST), interactive (IAST) analysis results to identify, prioritize and remediate security vulnerabilities.
  • Integrate security practices into C/CD pipeline to support DevSecOps initiative.
  • Maintain documentation of security findings, remediation plans, and compliance requirements
  • Develop and interpret security policies and procedures Participate in security compliance efforts
  • Develop and deliver training materials and perform general security awareness and specific security technology training
  • Evaluate and recommend new and emerging security products and technologies
  • Leverage GenAI technologies to scale application security reviews and automate code analysis
  • Evaluate various application security tools/capabilities i.e., SAST,DAST, IaC, Secrets detection tools
  • Stay current with emerging security threats and countermeasures.
  • Ability to train or explain the common security issues to raise the security awareness among developers and assurance engineers.
  • Perform AWS configuration reviews

Qualifications

  • 5+ years of experience required in Cyber security and application security
  • Familiarity with SAST, DAST, IAST tools.
  • Understanding of AWS is required
  • Deep understanding of OWASP top issues and remediation guidelines.
  • Proficiency in one or more programming language ( Java, Python, JavaScript is preferred)
  • Understanding of CI/CD tools such as Jenkins and GITLAB.
  • Familiarity with GenAI tools is a plus.
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Candidates with software development background is a plus
  • Consistent implementation of security solutions
  • Experience in infrastructure or application-level vulnerability testing and auditing
  • Certifications like GWAPT, OSWE, Burp Suite Certified Practitioner are good to have

Skills

AWSBurp SuiteCI/CDDASTGenAIIASTIaCJavaJavaScriptJenkinsGITLABOWASP Top 10PythonSASTSecrets detectionapplication security

Similar roles

Senior Back End Developer

ONLU AG

Manager Software Architect (w/m/d)

PwC Germany

Senior Software Developer & Solution Architect (m/w/d)

INC Innovation Center GmbH

€54k – €84k/yr

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free