
Application Security Engineer

Published by Rovust on September 19, 2023

SEND APPLICATION (Resume) TO – Techires@rovust.com

CONTRACT DURATION: Six months

The selected candidate provides application security, assists with implementing OWASP and secure SDLC, performs code reviews, and assesses Internet Information Services (IIS) and Apache configurations before websites or web services are released to production. Maintains an inventory of all applications, program dependencies and APIs.

Job Description

As an Application Security Engineer, you will play a pivotal role in ensuring the security and integrity of our software applications. You will collaborate with development teams to identify vulnerabilities, design and implement security measures, and enhance the overall security posture of our products. This role offers a unique opportunity to work at the forefront of technology and contribute to the protection of our organization’s digital assets.

Essential Job Duties:

  1. Identifies applicable industry best practices and consults with development teams on methods to continuously improve the risk posture. Maintains a risk register for material and critical assets, tracks the application risk scorecard and produces metrics to drive visibility for use by the CISO and Sr. management. Develops and enhances practices to align application development with the NIST 800-53 security framework to satisfy business and regulatory requirements to comply with CJIS, HIPAA and PCI-DSS.
  2. Implements secure Software Development Lifecycle (SDLC), enforces Security Policy, Standards and Controls including oversight of remediation activities. Conducts vulnerability reviews against Internet Information Services, Apache, Application Program Interfaces (API) and associated cryptographic functions and exchanges.
  3. Orchestrates and executes application security risk assessments independently with little or no guidance. Assesses applications, designs threat models, documents potential risk vectors, checks for code vulnerabilities, recommends proportional controls and ensures risks are resolved expeditiously.
  4. Ensures Azure, SaaS and on-premises application security configurations and exchanges are free of Common Vulnerabilities and Exposures (CVE). Deploys applications for static and dynamic code testing. Researches trends to meet future information security requirements.

Education, Experience and Training:

Bachelor’s degree from an accredited college or university in Computer Science, Management Information Systems, Mathematics, Engineering, or in a technical, job-related field of study.

Six (6) years of work-related experience as an Application Security Engineer, Application Security Developer or Sr. Application Security Analyst, scoping and recommending static and dynamic application security tools, collaborating with Application Development teams on projects, scanning code for vulnerabilities and CVEs, reducing threat vectors in Azure, API and on-premises application environments.

Special Requirements/Knowledge, Skills & Abilities:

  • Prior experience as a software developer, a detailed history of OWASP concepts and practices with the ability to teach others, hands-on experience with NIST 800-53 and secure SDLC practices. Capability to contribute to project planning and communicate technical concepts in a manner that customers and stakeholders can understand.
  • Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) designation preferred. 
  • Ability to participate in an on-call rotating off-hours schedule.
  • Create and update technical documentation. Juggle multiple projects and priorities simultaneously. Familiar with Agile, Waterfall and Scrum methodologies. Strong analytical skills. Relies on extensive experience and judgment to plan and accomplish goals. Skilled in the use of standard and non-standard software applications.
  • Ability to effectively communicate both verbally and in writing, and establish and maintain effective working relationships with employees, departments and the general public. Must possess a valid Texas driver’s license, with a good driving record. 
  • Must pass a background investigation. Required to be on call at all times.

Qualified Candidates should send their resume to Techires@rovust.com

 
