Panzer Solutions LLC

Application Security Engineer

New York, NY, US

3 days ago
Save Job

Summary

Skills: The Minimum Qualifications:

•Bachelor's or master's degree in computer science, Information Security, or a related field.

•8+ years of experience in application security, penetration testing, or secure software development.

The Ideal Qualifications:

•Relevant security certifications such as CEH, OSCP, CISSP, or GWAPT from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis.

•Strong knowledge of application security vulnerabilities and best practices (e.g., OWASP Top 10, etc.) Experience in integrating security into DevOps (DevSecOps) and CI/CD environments.

•Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), containerized environments (Docker, Kubernetes), and API security.

•Hands-on experience with security tools such as SAST, DAST, SCA, IAST, and fuzzing tools.

•Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations.

•Advance understanding and experience with writing source code in at least one programming language (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.).

•Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes.

•Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers).

•Knowledge of encryption, authentication, and access control.

•Knowledge of compliance and regulatory frameworks (SOC 2, etc.).

Manager Call Notes:

•Application security, penetration testing, tooling

•Api security, code security programs,

•Some background in development ideal

•Certifications are plus

•Focus app security.

TOP - 3

•Vulnerability, static code analysis – finding bugs

•Threat modelling

•Api security (web security)

•Security tools – experiences with sneak, familiarity with API security tooling, any experience with threat model tools. Anything similar will work.

•This team does not focus on cloud security, so that is not focus, focus is application security.

How strong is your resume?

Upload your resume and get feedback from our expert to help land this job

People also searched: