REMOTE POSITION
The Application Security Engineer position is focused on performing application security testing, design, and working in partnership with development teams throughout the organization. The scope of responsibility includes, but is not limited to static and dynamic application security testing, penetration testing, maturing the software development life cycle, and API security testing.Successful candidates will be able to review application code and development environments for security concerns and best practices; making recommendations and assisting development teams in implementing recommendations from those assessments.
* Operate as a liaison between the Security Team and the Development Teams.
* Ensure developers and QA departments are trained with the appropriate level of security knowledge to perform their daily activities.
* Preserve PCI and SOX Security Certification programs as they relate to applications working with, transforming, or processing regulated and non-regulated data.
* Provide periodic security briefings and threat assessments as required along with written reports.
* Work with other staff to perform periodic scans and assessments.
* Assist in identifying and communicating security exposures, security incidents. Duties may also include participating in collecting and documenting cyber security and incident response data.
* Support incident response and architecture review whenever applications security expertise is needed.
* Integrate threat modeling practices into the SDLC
* Produce metrics reporting the state of application security programs and the performance of development teams against those requirements.
* Perform other duties as required
* Bachelors in Information Technology or related field is preferred.
* Prefer generally-accepted Industry InfoSec certifications such as CASE, CSSLP, CEH, Security+
* Minimum of five years of IT experience with at least three being in Information Security.
* Strong communication skills; ability to convey and document security guidelines, requirements, and coding best practices.
* Working knowledge of typical encryption and encrypted communication code solutions for data in transit and at rest.
* Ideal candidate will have experience in securing off-premise network resources, including colocation sites, remote data centers, Amazon Web Services and/or Azure.
* Candidate should have basic knowledge and working experience with Linux, Windows, VMware, and other operating systems and applications typically found in an enterprise corporate environment having remote locations.
* Familiarity with Security Best Practices in common coding languages such as (List Languages we use here)
* Strong logical and analytical thinker; exceptional skills in security systems solutions.
* Ability to work both independently and as part of a local and/or remote technology team.
* Attention to detail and demonstrated history of using careful approaches to tasks being performed.
* Can anticipate risks and mitigate issues in the moment.
* Experience and familiarity with the following:
o Kali Linux toolsets
o Risk management methodologies
o Threat Hunting
o Simulated threat skillsets (Red / blue teaming)
o DDoS knowledge
o Malware analysis
o Application Penetration Testing
o API Security Testing
o Software Development Life Cycle Design and Implementation
o Static and Dynamic Application Testing Tools and Methods
o Container and orchestration security (Kubernetes, Docker, Octopus, Github, etc)
o Familiarity with firmware security
o Familiarity with Application Security Testing Frameworks such as OWASP
————————-
This role requires the ability to work from home in a virtual environment, where the following is required;
reliable high-speed internet access (hotspot not acceptable)
dedicated distraction-free home work environment
COMPANY OVERVIEW:
CPI Card Group is a payment technology company and leading provider of credit, debit and prepaid solutions delivered physically, digitally and on-demand. CPI helps our customers foster connections and build their brands through innovative and reliable solutions, including financial payment cards, personalization and fulfillment, and Software-as-a-Service (SaaS) instant issuance. CPI has more than 20 years of experience in the payments market and is a trusted partner to financial institutions and payments services providers. Serving customers from locations throughout the United States, CPI has a large network of high security facilities, each of which is certified by one or more of the payment brands: Visa, Mastercard, American Express and Discover. Learn more at [
The health and safety of our employees continues to be a top priority at CPI Card Group as we face the challenges associated with the COVID-19 pandemic. Across our production and fulfillment facilities we have implemented procedures such as enhanced cleaning, daily temperature checks, social distancing measures, and required face masks for all individuals onsite in our facilities. We also continue to monitor federal, state and local health and safety guidelines and requirements to adjust our procedures as necessary. These are just a few examples of our commitment to the safety and health of our workplaces.
BENEFITS
Competitive pay rates and an inclusive, empowering and rewarding culture.
Solid benefits package including Medical, Dental, Vision, Long Term Disability, Short Term Disability, Life Insurance, Accident Insurance, Critical Illness Insurance, FSA, HSA, Vacation and Holiday Pay, Tuition Reimbursement and 401K with a competitive company match percentage.
CPI is an EEO Employer. A complete background including drug screen is contingent upon hire
IT & Telecoms
Job Details Full-timeEstimated: $85,000 – $110,000 a year1 hour ago Benefits Dental insurance Health insurance Paid time off 401(k) Vision...
Apply For This JobThis full-time, permanent (currently remote and intention is to be hybrid) position is in a healthcare related Software development firm...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Senior Network Engineer**Top Secret Clearance Required**BCMC,LLC is looking for motivated individuals to support a long-term,...
Apply For This JobDigital Products- Full Stack Tech Lead- Sr Manager Job Description & Summary A career in Products and Technology is an...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Company Probst Electric Inc. is a wholly-owned subsidiary of Quanta Services (NYSE: PWR), the largest...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> AscendTek, a telecommunications company, is seeking a Project Controls Manager for our Hawaii market. Offices...
Apply For This Job