Duration: Direct Hire/Permanent
Location: Charlotte, NC
*** U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor or transfer visas at this time.***
As an Application Security Engineer II, you will work closely with our software development teams, security engineers and architects driving security advancements to our products. You are responsible for implementing and managing our application security tools and conducting code reviews.
- Complete code reviews perform static and dynamic code analysis as part of the software development lifecycle.
- Participate on cross-functional agile planning and delivery teams, attending daily standups, retrospectives, and sprint planning exercises.
- Prioritize and track security issues while working with the necessary teams to ensure remediation.
- Partner with enterprise and solutions architects, software engineers, product owners, DBAs and QA engineers to ensure adequate security is in place throughout the SDLC.
- Assist architects in the design of technology and security solutions.
- Support the Security Operations team with incident response, as needed upon escalation.
- Identify and build automations into existing CICD pipelines.
- Complete regular manual code review and application security testing.
- Strong knowledge of web application (SaaS) design best practices and secure software development.
- Deep understanding of the OWASP top 10 and application security vulnerabilities.
- Strong knowledge of .NET 4.0/4.5/Core, C#, Visual Studio, MVC 4/5, and Entity Framework.
- Experience with SOA, web services, REST, SOAP, XSLT, XSD, and XML
- 2+ years of experience completing application security testing engagements and reports.
- Experience with PCI compliance.
- Security certifications such as CISSP, CSSLP, GWEB, OSCP or other web application security certifications.
- Experience with cloud computing, Microsoft Azure platforms, and logic apps.