Senior Application Security Engineer

Senior Application Security Engineer

Our team is looking for a Senior Application Security Engineer with extensive product security experience and deep expertise in web security, applied cryptography, software security vulnerabilities, IAM solutions, including federation, and in-depth knowledge of software security standards/best practices to join our team. We take security very seriously, and protecting our customers is our highest priority. The right candidate must be a self-starter who is passionate about security and is excited to work in a highly collaborative environment alongside a diverse team of experts every day.

The Senior Application Security Engineer is a technical subject matter expert for multiple areas of application and product security. The Senior Application Security Engineer is responsible for performing design reviews, technical security assessments, and code reviews to highlight risk and help engineering teams improve the overall security of our products. The Senior Application Security Engineer is a security leader within the company, gaining a solid understanding of our products and systems and ensuring that security is built into development projects. This position requires both deep and broad technical knowledge across various disciplines, and the ability to work hands-on across various software designs and technology stacks.

In addition to having strong technical skills, the Senior Application Security Engineer must be comfortable in effectively communicating with business end users, technical IT teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical backgrounds in a global business environment.

Responsibilities

• Serve as a primary technical security resource on product development
• Perform design reviews and technical security assessments to highlight risk and help engineering teams improve the overall security of our products
• Design and implement security best practices and standards across varied engineering teams and environments
• Implement and conduct code reviews with a combination of static testing, manual reviews, and dynamic analysis / pen-testing
• Conduct threat modeling, identify & drive risk decisions, and influence technical designs and architectures
• Engage with developers to initiate and support remediation
• Perform security reviews of new services and features
• Build tools to simplify and automate Vulnerability Management processes
• Provide engineering designs to mitigate security vulnerabilities in new software solutions
• Design and implement tooling and automation for application security (e.g. SAST/DAST in CI/CD)
• Perform regular security testing as well as code reviews to improve software security
• Maintain technical documentation related to software security
• Ensure software security at all levels of architecture
• Stay updated with the latest tools and advanced industry practices for software security
• Advocate for security culture and educate colleagues across all parts of the company

Skills

This is a senior position, and experience in the application security domain with an identity focus is key.

Essential

• Develop and implement advanced security techniques according to the technical architecture of our firm
• Perform regular security testing as well as code reviews to improve software security
• Troubleshoot and debug issues as soon as they arise
• Maintain technical documentation related to software security
• Provide engineering solutions to mitigate security vulnerabilities in new software initiatives
• Ensure software security at all levels of architecture
• Continuous alignment with the latest tools and advanced industry practices for software security
• Industry certifications such as OSCP, CCSP, SSCP, CISSP

Desirable

• Bachelor's Degree in Computer Science, Engineering, Network Security, or a related field with 10+ years of related industry experience
• Demonstrated excellent technical writing skills and project/program management experience
• Multiple language skills are a plus.

About Us: InterSources Inc

InterSources Inc, a Certified Diverse Supplier, was founded in 2007 and offers innovative solutions to help clients with Digital Transformations across various domains and industries. Our history spans over 16 years and today we are an Award-Winning Global Software Consultancy solving complex problems with technology. We recognize that our employees and our clients are our strengths as the diverse talents and opportunities they bring to the table enable us to grow as a global platform and they are causally linked with our success. We provide strategic and technical advice, and we have expertise in areas covering Artificial Intelligence, Cloud Migration, Custom Software Development, Data Analytics Infrastructure & Cloud Solutions, Cyber Security Services, etc. We make reasonable accommodations for clients and employees and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, or marital status. We also are a Google Cloud partner company. We align strategy with execution and provide secure service solutions by developing and using the latest technologies that thrive our resources to deliver industry-leading capabilities to our clients and customers, making it convenient for our clients to do business with InterSources Inc. Our teams also drive growth by refining technology-driven client experiences that put the users first, providing an unparalleled experience. This results in strengthening the core technologies of clients, enabling them to scale with flexibility, create seamless digital experiences and build lifelong relationships.