ApplicationSecurityEngineer

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U. S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Run client SAST, DAST, and SCA tools, review outputs and provide recommendations; Implement integrations for tools into pipelines, ticketing systems, etc.; Collaborate with developers to provide secure design guidance and remediation strategies; Familiarity with CI/CD systems (i. e. GitHub) and integrating software security tools into the development workflow; Strong understanding of web application security principles and best practices; Manage, maintain and operate application security tooling, including configuration, tuning, and automation. Position allows for 100% remote work from within the US. Requirements: Bachelor's degree in Computer Science, Information Systems or Information Security, and 4 years progressive baccalaureate experience as a security engineer, security analyst or related position working in Application Security. Must have 2 years of experience with each of the following: Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e. g. Azure Dev Ops, Jenkins, Bamboo, etc.); Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience; Manual testing tools such as Burp Suite Pro; Knowledge of and experience with SAST/DAST/SCA Application Security tools (Invicti (DAST) or Checkmarx (SAST/SCA); Experience with the integration of tools into development pipelines; Experience underst