Application Security Engineer

Summary

Join GuidePoint Security, a rapidly growing cybersecurity firm, as an Application Security Engineer. You will play a key role in enhancing our clients' security posture. Responsibilities include running SAST/DAST/SCA tools, reviewing outputs, providing recommendations, and implementing tool integrations. This position requires 2-3 years of experience in Application Security, a strong understanding of SDLC, and knowledge of various security tools. A Bachelor's degree in Computer Science or Information Security is preferred. GuidePoint offers a remote-first work environment, comprehensive health insurance, dental insurance, paid time off, and other benefits.

Requirements

• 2-3 years experience working in Application Security
• Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azuer Dev Ops, Jenkins, Bamboo, etc.)
• Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
• Deep knowledge of manual testing tools such as Burp Suite Pro
• Knowledge of and experience with SAST/DAST/SCA Application Security tools
• Experience with the integration of tools into development pipelines
• Understanding of a broad range of Application Security issues as well as their mitigation strategies
• Understanding of Application Security related vulnerabilities
• Written communication skills for written interactions with clients
• Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information
• Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice

Responsibilities

• Run client SAST/DAST/SCA tools, review outputs and provide recommendations
• Implement integrations for tools into pipelines, ticketing systems, etc

Preferred Qualifications

• Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus
• Bachelor's degree in Computer Science or Information Security preferred
• Standard industry certifications are preferred
• Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option