Application Security Engineer
US-TX-Dallas
Careers (External)
Req #: 14125
Type: Full Time
|
|
|||||||||||||
|
||||||||||||||
Overview: Since our founding in 1924, we've cut cardiovascular disease deaths in half, but there is still so much more to do. To overcome today's biggest health challenges and accelerate this progress, we need passionate individuals like you. Join our movement, be part of the progress, and help ensure a healthier future for all. You matter, and so does the impact you can make with us. The American Heart Association is excited to announce a fantastic opportunity for a Cloud Engineer. The Application Security Engineer will be responsible for designing, implementing, and managing the security architecture for our applications. This role involves working closely with development teams to ensure that security is integrated into the software development lifecycle (SDLC) and that our applications are protected against potential threats. The Association offers many resources to help you maintain work-life harmonization through your changing needs and life situations. To help you be successful, you will have access to Heart U, our award-winning corporate university, as well as additional training and support, locally. #TheAHALife is our company culture, our way of life, reflecting our diversity, equity & inclusion, our focus on work-life harmonization and our Guiding Values. Discover why you will Be Seen. Be Heard. Be Valued(tm) at the American Heart Association by following us on LinkedIn, Instagram, Facebook, X (formerly Twitter), and at heart.jobs. Responsibilities: * Conduct application security assessments to identify vulnerabilities and recommend remediation strategies. * Conduct application architecture assessments to ensure proper security controls are in place * Conduct data assessments to ensure encryption, access controls, and other security measures to safeguard data at rest and in transit. * Conduct threat modeling sessions with development teams to identify and prioritize security risks. * Develop and maintain application security policies, standards, and guidelines. * Develop and maintain threat modeling methodologies, tools, and processes to identify potential threats and vulnerabilities in applications and systems. * Collaborate with development teams to integrate security into the SDLC, including secure coding practices, threat modeling, and security testing. * Implement and manage application security tools such as SAST, DAST, and SCA. * Provide training and awareness programs to educate developers on secure coding practices and application security principles. * Stay up-to-date with the latest security trends, vulnerabilities, and technologies to ensure our applications are protected against emerging threats. * Work with cross-functional teams to ensure that security requirements are met throughout the application lifecycle. Qualifications: * Bachelor's degree in Computer Science, Information Security, or a related field. * Proven experience in application security, including secure coding practices, threat modeling, and security testing. * Strong knowledge of application security tools and technologies such as SAST, DAST, SCA, and WAF. * Experience with cloud security and securing applications in cloud environments. * Excellent communication and collaboration skills, with the ability to work effectively with development teams and other stakeholders. * Relevant certifications such as CSSLP, or CEH are a plus. * Experience with DevSecOps and integrating security into CI/CD pipelines. * Knowledge of regulatory requirements and industry standards related to application security. * Familiarity with common security frameworks and methodologies such as OWASP, NIST, and ISO 27001. Preferred Qualifications: * Knowledge and ability to evaluate and integrate emerging technologies, such as AI/ML, and how they can be used to enhance application security. * Experience in application security and penetration testing to identify and validate security vulnerabilities
Share this job:
