Security Engineer - Application Security

About The Position

Requirements

• 5+ years of web application development (.net, python, java, etc.)
• Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
• Demonstrated understanding of web application penetration testing, secure coding and source code analysis
• Strong, professional communication skills that maintain under pressure
• BA degree in a related field or a combination of related experience is a must

Nice To Haves

• Experience in developing highly automated detection and triage tools
• Deep understanding of cyber security techniques
• Technical certification demonstrating technical prowess in secure software development e.g. Certified Secure Software Lifecycle Professional (CSSLP), or Certified Application Security Engineer (CASE) or similar

Responsibilities

• Build, deploy and maintain tooling to validate and track security controls in and around our code
• Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
• Triage programmatic source code findings and automate penetration testing to decrease potential introduction of vulnerabilities
• Lead and collaborate with developers on secure coding techniques and threat modeling
• Contribute to vulnerability detection and remediation of technological offerings
• Deploy developed or OTS security applications to support our efforts
• Participate in a cross-functional response to cyber security incidents
• Work closely the security team to establish prevention, detection and mitigation techniques
• Support the scoping and rules of engagement of our penetration testing regime

Benefits

• Fragomen is committed to promoting diversity, inclusion and equal opportunity for all employees and applicants, regardless of race, ethnicity, heritage, gender, age, religion, disability, sexual orientation, gender identity or intersex status.
• At Fragomen, we do meaningful and impactful work for our clients and put a focus on our Responsible Business Practices: #LifeAtFragomen: We drive innovation and change. We respect colleagues, embrace diversity, and empower others. #FragomenForward: At Fragomen, pursuing an equal, diverse, and inclusive workforce goes beyond a policy. It’s part of our DNA—and always has been. Year after year, we are recognized as leaders in diversity in our industry.
• Giving Back. We have a deep history of giving back to the communities where we live and work—and we continue that mission today. Serving the less fortunate by providing advice and community support where it is most needed allows us to help immigrants secure a better future for themselves and their families.
• Corporate Social Responsibility. We believe there is more to success in business than generating profit—we want to do well by doing good. We are committed to considering the impact that our business decisions have on our people, our planet, the communities in which we work and our clients.
• Sustainability. Fragomen is focused on sustainability in our business operations and practices—and we know there is much work to be done, with countless opportunities available to minimize our impact on the environment
• Well-being. We are committed to implementing firmwide initiatives that support the health and wellness of our people, including programs to address work-life balance and benefits that cover a wide range of well-being needs of all employees. Our #FragomenWorks program provides the ability to be successful at home or in the office, via Hybrid & Remote work arrangements. Our Feedback Works process includes three managerial check-ins per year to help you progress in your career. Unique learning programs like: Fragomen Academy, Leadership Academy, Practical Management Academy, and Regional Development Conferences.