Senior Application Security Engineer
Charlotte, NC, United States
TEKsystems
Senior Application Security Engineer
Charlotte ,
North Carolina
Apply Now
Job Description The LPL Info Sec team is growing rapidly as the company continues to bring on more advisors. They are looking to add an Application Security Engineer that can come in and be the point person for them. The focus of the work will be around assessing and scanning their tools and assets for any vulnerabilities. As a senior member of the Information Security team, the Senior Application Security Analyst will be responsible for helping to develop and mature the Application Security program for the company. Application security is a top area of focus at LPL. We have incorporated key industry security best practices, technologies and integrated processes to further strengthen our defense posture. This is an exciting time to join the Information Security Vulnerability management team as we are continuing to expand the vulnerability management program. Essential Functions: • Perform as a vulnerability management SME in the following areas: Web Application, Databases, APIs and others domains. • Create and maintain scan profiles for automated application scanning tools • Review vulnerability scan results and track closure of vulnerabilities • Produce and track security metrics • Support the secure development and testing of critical Advisor and Investor applications • Mentor and educate product development and quality engineers on secure development • Monitor and review CVEs, industry developments, and provide inputs for continuous improvement • Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects • Develop and maintain enterprise security libraries, components, best practices checklists and perform application security risk evaluation, partner with key stakeholders to further enhance application security CI/CD pipeline and continually assess security posture for improvement. • Other duties as assigned. • Contract-to-hire after 4 months for the right candidate Qualifications: • Bachelors and/or Master’s Degree or equivalent in Information Security, Engineering, Computer Science. • 5+ years of combined Application Development and Security Engineering or Security Architecture experience • Developer with strong application security acumen, hands on experience with security design reviews and threat modeling • Experience using Application Security Code Scanning Tools such as Veracode • Knowledge of secure coding best practices, secure SDLC, secure architecture, and operations • In depth understanding of OWASP Top 10 Critical Web Application Security Risks, their identification, and architecture, design, coding patterns to mitigate them • Experience working with security of applications developed in C#, Java, and web (HTML, CSS, JS, React, REST) technologies • Experience creating and managing policy, processes and procedure documents • Strong analytical, interpersonal and communication skills • Ability to train and mentor agile development teams • Relevant industry security certification preferred
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr