Application Security Engineer

It's fun to work at a company where people truly believe in what they are doing!

Job Description:

Job Summary

In the quest to continuously expand our capabilities around protecting ours and our clients' data, Epiq Cybersecurity is looking to add an Application Security Engineer to our team. We seek a candidate with a strong background in software development who will work with our software development teams to enhance the security controls in their code. The ideal person for this role is someone who understands SDLC/DevOps best practices, cloud-native technologies, has expertise in at least one development environment and who is self-driven enough to use that knowledge to speak generally to concepts across paradigms.

Job Responsibilities

• Work collaboratively with development teams to help them understand discovered vulnerabilities, identify appropriate remediation techniques, tune SAST, SCA, DAST and other pipeline tooling, and provide additional consultative support.
• Provide consultation to product development leadership on tooling and capabilities that will best fit the development paradigms, programming languages, cloud technologies, and other aspects of their software development lifecycle.
• Engage in discussions as a lead security resource in our security champions community, providing a voice from the cybersecurity perspective while also bringing back visibility into current activities, objectives, and obstacles within the software development teams.
• Consult with software developers on design strategies and approaches to common security controls within their applications.
• Report back to cybersecurity leadership on challenges, obstacles, and needs across the development community where the cybersecurity program can be adapted to provide greater support and coverage.
• Track and report metrics to measure the success of Secure-SDLC/DevSecOps initiatives within the various product development areas across the business units.

Job Requirements

• 3+ years of experience working in a corporate software development environment
• Proven mastery of at least one major software development language such as C#, Java, NodeJS, etc.
• Understanding of Secure SLDC/DevSecOps practices in hybrid environments using traditional and cloud native technologies
• Proven ability to adapt and apply existing software development experience to understand and build competence in new or unfamiliar technologies.
• Knowledge of common application security frameworks and guidance such as the NIST SSDF, OWASP Top 10 lists, etc.
• Demonstrated ability to build collaboration and credibility with resources across the organization who have different or potentially conflicting goals and priorities
• Demonstrated ability to define and report against critical metrics and key performance indicators
• Demonstrated ability to communicate, present and influence credibly and effectively to peers and members of the leadership team
• Demonstrated ability to provide technical leadership and effectively explain deeply technical concepts to individuals without background in those knowledge areas

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

It is Epiq’s policy to comply with all applicable equal employment opportunity laws by making all employment decisions without unlawful regard or consideration of any individual’s race, religion, ethnicity, color, sex, sexual orientation, gender identity or expressions, transgender status, sexual and other reproductive health decisions, marital status, age, national origin, genetic information, ancestry, citizenship, physical or mental disability, veteran or family status or any other basis protected by applicable national, federal, state, provincial or local law. Epiq’s policy prohibits unlawful discrimination based on any of these impermissible bases, as well as any bases or grounds protected by applicable law in each jurisdiction. In addition Epiq will take affirmative action for minorities, women, covered veterans and individuals with disabilities. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. Epiq is pleased to provide such assistance and no applicant will be penalized as a result of such a request. Pursuant to relevant law, where applicable, Epiq will consider for employment qualified applicants with arrest and conviction records.