---

---

Location

Mckinney, TX | United States

---

Job description

DevsecOPS Engineer

McKinney, Texas(Hybrid)

Phone+Skype

Job Description:

Schedule: Must INTERVIEW Onsite, Must work onsite 3 days a week if hired

Description:

Notes from Client call for hiring a Sr App Sec Engineer/DevSecOps

Little below senior. Must really understand how to build. Contractor 2-3 days a week in office. Need a contractor to help build it for 12 months.

Working w/ DevOps team to integrate into OAS top 10 and managing dev vulnerabilities with threat modeling and building.

Open on tools because they're still selecting them. Total of 5 people on Security Team. Using Wiz and Azure

Interview will be ONSITE/IN PERSON with Information Security Manager then 2nd interview with Information Security Manager and Dev team.

Certifications such as GXPN, CISSP, CEH, or CSSLP are a plus highly recommended but not mandatory.

REQUIREMENTS/RESPONSIBILITIES
Senior Application Security Engineer to join our dynamic and innovative team. As a Senior Application Security Engineer, you will play a critical role in ensuring the security and integrity of our applications, systems, and data. You will be responsible for identifying and mitigating security risks, conducting thorough security assessments, and providing expert guidance to our development and operations teams. If you are passionate about application security, possess deep technical expertise, and have a proven track record of implementing effective security measures, we want to hear from you.

Key Responsibilities:
Security Assessments:

Conduct thorough security assessments of applications, identifying vulnerabilities, and providing detailed remediation guidance.

Perform code reviews and collaborate with development teams to integrate security best practices into the software development lifecycle.

Threat Modeling:

Develop and maintain threat models for applications, identifying potential security threats and vulnerabilities.

Work closely with development teams to address security concerns during the design phase of projects.

Security Architecture:

Design, implement, and maintain secure architecture solutions for applications and systems.

Stay current with industry trends and emerging technologies to proactively address potential security challenges.

Incident Response:

Serve as a subject matter expert in incident response, providing support in the event of a security incident or breach.

Collaborate with cross-functional teams to investigate and remediate security incidents.

Security Training and Awareness:

Develop and deliver security training programs for development and operations teams.

Foster a culture of security awareness and best practices throughout the organization.

Tools and Automation:

Evaluate, implement, and manage security tools and automation processes to enhance the efficiency and the effectiveness of security initiatives.

Qualifications:

Need a minimum of four (4) years of experience in application security projects.

Need a minimum of three (3) years in software development principles and practices.

Need a minimum of three (3) years in enterprise class frameworks and programming

Candidate should have four (4) years in penetration testing, code reviews (SAST / DAST / MAST), secure coding practices.

Familiarity with industry standards and frameworks (OWASP, NIST, etc.).

Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.

Candidate should have exposure to OWASP and knowledge of issues with insecure coding practices

Rahul Puri

IT Technical Recruiter

Phone : 321-326-1550

Email: [email protected]

Gtalk: [email protected]

---

Job tags

---

---

Salary