Job Description :
Role: Application Security Engineer Location: 100% Remote Duration: Long-term contract USC ONLY MUST HAVES: CI/CD, Python or Java, Network and application protocols (TCP/IP, TLS, HTTP), experience with web application security testing tools Job Description: Job Description Looking for a hands-on Application Security Engineer with DevSecOps experience to work on a team responsible for building and managing enterprise-level CI/CD tooling and services used by internal customers. Responsibilities ? Incorporate compliance and security into CI/CD pipelines following the shift-left paradigm ? Configuring and tuning application security testing solutions ? Designing and implementing continuous monitoring and authorization processes into pipelines ? Providing DevSecOps guidance to customer teams ? Confirming that the CI/CD platform is meeting security control requirements Requirements: ? Degree in Computer Science or a related technical field involving software development, or equivalent experience ? 5 years of experience in operation of production systems, including troubleshooting, testing, and automation. ? Experience with algorithms, data structures, analysis, and software design ? Experience in C#, Java, or Python ? Experience consulting with customers or leading projects to achieve defined outcomes ? Experience with network and application protocols (e.g., TCP/IP, TLS, HTTP). This should include understanding of the internal workings of common protocols ? Experience with databases, including RDBMS (MySQL/MariaDB, MS SQL, Oracle) and columnar or NoSQL store (MongoDB, Redis, Casandra, DynamoDB) ? Experience with web application security testing tools (e.g., Burp, ZAP, Qualys, Netsparker) ? Experience with static code analysis tools (e.g., SonarQube, CheckMarx, Coverity, Security Code Scan, Flawfinder, Gosec, SpotBugs, Kubesec, Semgrep, MobSF) ? Experience with package/container vulnerability scanning tools (e.g., Black Duck, JFrog X-Ray, Trivy, Twistlock/Prisma) ? Understanding of secure coding practices and with helping teams to adopt them (e.g., OWASP, SSDF) ? Experience designing quality gates into CI/CD pipelines -- -- , Krishnasree | US IT Recruiter Thought wave software and solutions 314 N, Lake St, Suite 6, Aurora IL 60506 Mobile Email: Website: LinkedIn: