Application Security Engineer

Central Insurance Company•Van Wert, OH

57d•Hybrid

About The Position

We’re a team of employees passionate about delivering best-in-class customer service and driving innovation in IT support. Integrity, relationships, and excellence are at the heart of everything we do. Our employees fully utilize their talents and bring their best selves to work. We believe who you are is just as important as what you do! Help shape the future of secure software at Central. We’re looking for a detail-oriented, and innovative Application Security Engineer to join our cybersecurity team. In this role, you’ll be responsible for embedding security into the software development lifecycle, identifying vulnerabilities, and collaborating with developers to build resilient applications. If you’re passionate about threat modeling, testing, and hardening within the application environment including AI applications and driving a culture of security across engineering teams, we’d love to have you on board.

Requirements

Bachelor’s degree in Computer Science or related field and 2 years related experience
Or 4 years related experience
Creativity and passion for application security
Curious mind and strong desire to constantly learn.
Strong understanding of OWASP Top Ten, secure coding practices, and common attack vectors.
Proven ability to apply secure design principles within application architecture.
Strong analytical, research, and problem-solving skills
Understanding of the software development life cycle.
Understanding of security tools such as Burp Suite, Snyk, Rapid7, or similar tools.
Familiarity with CI/CD tools such as Azure DevOps, GitLab, Jenkins or similar tools.
Ability to work with product, software, data, and infrastructure engineering teams.
Strong understanding of data protection principles and technologies (Encryption, DLP, IAM)
Understanding of scripting automation using Python, PowerShell, Bash.
Possess a positive, professional, cooperative, and quality-conscious attitude
Possesses verbal and written communication skills, including negotiation, presentation, and influence skills
Ability to understand Central Insurance’s policies and processes

Nice To Haves

CISSP, CASE, GWAPT, or CSSLP certifications preferred

Responsibilities

Conduct secure code reviews, threat modeling, and vulnerability assessments.
Collaborate with engineers to integrate security controls into CI / CD pipelines.
Develops, maintains, and champions secure coding guidelines and training materials.
Collaborates with DevOps and Software Engineering to integrate security into the SDLC process.
Implements and manages application security tools (SAST, DAST, SCA, WAF, etc..)
Assists with monitoring security events and contributes with the incident response. team
Collaborates on data security to ensure secure data access configurations with Data Engineering and Infrastructure.
Collaborates with Software Engineering to integrate security into AI/ML pipelines and governance frameworks.
Responsible for scripting automation for integration of security tools and functions.
Utilizes scripting for meta-data aggregation to allow for the creation of dashboards or other metrics for security analytics.
Stay current with emerging threats, vulnerabilities, and security technologies.