Application Security Engineer - DAST & Burp Suite Enterprise Security Testing

3 weeks ago
Full-time
Senior
Cybersecurity
TOMORROW HIRE

TOMORROW HIRE specializes in revolutionizing the hiring process by integrating AI-driven technology and human expertise to create efficient, precise, and effective staffing solutions for businesses.

Internet Software & Services

Description

  • Support Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE plug-in environments using Veracode and Burp Suite.
  • Design and implement enterprise-wide security controls for applications, systems, networks, and infrastructure services.
  • Secure enterprise web applications by mitigating OWASP Top 10, CVSS, CWE, WASC, and SANS Top 25 risks.
  • Integrate security practices into development workflows using Eclipse, JDeveloper, or Visual Studio.
  • Perform application security testing and automation using OWASP ZAP, Burp Proxy, Selenium, and IAST capabilities.
  • Write and maintain bash scripts for security automation, testing, and troubleshooting.
  • Participate in vulnerability discovery, triage, and remediation efforts, including crowdsourced security programs such as HackerOne.
  • Work in Linux or UNIX environments to navigate file systems and troubleshoot website connectivity and security issues.
  • Ensure applications and security practices comply with federal standards such as NIST 800-53, FIPS, and FedRAMP.

Requirements

  • 6+ years of information technology experience with a focus on application and security engineering.
  • 3+ years of hands-on application security testing experience, including SAST and DAST.
  • Experience with SAST, DAST, and IDE plug-in integrations using tools such as Veracode and Burp Suite.
  • Experience performing authenticated and unauthenticated crawl auditing and DAST scanning with Burp Suite Enterprise Edition.
  • Experience with Interactive Application Security Testing (IAST) tools and methodologies.
  • Proficiency with OWASP ZAP and/or Burp Proxy for web application security testing.
  • Experience participating in vulnerability discovery and remediation programs, including HackerOne.
  • Experience with test automation tools, including Selenium.
  • Proficiency in bash scripting for security automation, testing, and troubleshooting.
  • 2+ years of development experience in Java, Python, .NET, or C#.
  • Experience integrating security into development workflows using Eclipse, JDeveloper, or Visual Studio.
  • 3+ years of experience designing and implementing enterprise-wide security controls.
  • Strong knowledge of OWASP Top 10, CVSS, CWE, WASC, and SANS Top 25 vulnerabilities.
  • Knowledge of federal compliance frameworks, including NIST 800-53, FIPS, and FedRAMP.
  • Working knowledge of Linux or UNIX environments.
  • High School Diploma or GED required.
  • Public Trust determination or active security clearance preferred.

Benefits

  • Salary range of $120,000-$140,000.
  • Health insurance.
  • Vision insurance.
  • Dental insurance.
  • Paid time off (PTO).
  • Fully remote work environment on the East Coast.


