Attain Partners · 2 hours ago
Application Security Engineer
Responsibilities
Design and implement the client’s AppSec program, including tool deployment and configuration. Integrate SAST tools into customer deployment pipelines.
Develop all relevant documentation, including diagrams and concept of operations (CONOPS).
Create compliance documentation and collaborate with the Product Manager (PM) to ensure system adherence.
Actively own and deliver assigned on-boarding applications through assessment, training, configuration and tuning phases.
Act as a technical liaison between the product team and consumers.
Present solutions to technical teams and client leadership.
Troubleshoot SAST tool-related issues and code vulnerabilities, recommending code solutions as needed.
Qualification
Required
Bachelor’s degree in Computer Science, Information Systems, Engineering, or other related scientific or technical field; or at least 8 years of IT experience, in which case no degree is required
3+ years as a senior engineer supporting efforts in AppSec (SAST, SCA) and/or DevSecOps for developers/engineers
5+ years of fluency in one or more high-level programming languages (e.g., Python, Java, JavaScript) within an enterprise environment
Experience with source code management tools (e.g., GitHub, Bitbucket)
2+ years supporting code scanning within the SDLC and modern CI/CD pipelines (e.g., GitHub Actions, Jenkins)
2+ years of demonstrable experience in configuring SAST and SCA tools (e.g., Fortify, Snyk, Veracode) and leveraging AppSec concepts and principles
5+ years of hands-on experience in SDLC software development, troubleshooting vulnerabilities, and implementing remediation practices
Ability to recommend remediation strategies to developers
5+ years of experience working in enterprise cloud environments (e.g., AWS, Azure, Google Cloud) across IaaS, PaaS and SaaS
2+ years of experience deploying or accessing AWS services, with demonstrable experience with AWS API automation
2+ years of advanced-level CI/CD experience, including building and maintaining pipelines, automating AppSec tools, and integrating reporting mechanisms
5+ years of experience triaging and supporting developer requests for vulnerability investigation using tools like JIRA, GitHub, or ServiceNow
2+ years of experience training users on AppSec tools usage and DevSecOps best practices
Experience with SCRUM and/or SAFe (Scaled Agile Framework) methodologies in a development or operational environment
Proven success in managing and excelling in ambiguous environments, demonstrating resilience and grit to drive results despite uncertain or evolving conditions
Must be a self-starter who can drive initiatives independently, establish structure, and provide clarity without requiring close supervision or hand-holding in dynamic or less-defined settings
Preferred
AWS Certifications
2+ years of experience with software provenance, following Supply-chain Levels for Software Artifacts (SLSA), and working with code signing practices
Experience using quality gates to ensure software meets release thresholds
Company
Attain Partners
Based in McLean, Va., Attain Partners is a leading strategy, technology, and compliance consulting firm delivering services and solutions to advance client missions across the education, nonprofit, healthcare, and state and local government landscapes.
Funding
Current Stage: Growth Stage
Total Funding: $0.25M
2015-03-15 · Seed · $0.25M
Company data provided by crunchbase