About the job

What you will be doing

The IT Application Security Engineer is responsible for analyzing the security of new or existing computer applications, software, or specialized utility programs. The person in this position will also assist in the development of software security standards, guidelines, procedures and training of application developers for secure coding techniques. The Engineer will also assist in the investigation of computer security incidents that are application related and collects, preserves, and analyzes application-related evidence in support of computer security investigations.

Responsibilities may include, but are not limited to the following:

-Applying coding and testing standards, apply security testing tools including “fuzzing” static-code scanning tools, and conduct code reviews

-Identifying common coding security flaws and provide to application development teams for process improvement

-Performing integrated quality assurance testing for security functionality and resiliency to attack

-Performing secure program testing, review and/or assessment to identify potential flaws in codes and mitigate vulnerabilities

-Performing penetration testing as required for new or updated applications

-Delivering technical reports and formal papers on test findings

-Creating secure code standards, guidelines and other pertinent documentation

-Identifying security implications and applying methodologies

-Developing secure software testing and validation procedures

-Translating security requirements into application design

-Analyzing security needs and software requirements

-Analyzing information from web application firewall

-Building security tools and frameworks

-Performing risk analysis

Why we are different

-Paid time off plus paid company holidays

-Profit sharing plan and 401(k)

-Paid community service hours

-Wellness program

-Free onsite medical clinic

What you need to be successful

-A bachelors degree in computer science, software engineering, cybersecurity or related field

-At least eight years of IT experience in host, network, application or security

-At least three years of software development experience

-At least two years of application security assessment experience

Information security related certification such as CISSP, CSSLP, GSSP-JAVA, GWEB

-Knowledge of the following:

Cybersecurity, privacy principles and organizational requirements

-System and application security threats and vulnerabilities

-Application firewall concepts and functions

-Penetration testing principles, tools and techniques

Application security risks

-Cryptographic processes

What your work environment will look like

Ability to work from home with company provided equipment

-Utilize Microsoft Teams and Zoom

Keep updated with what is going on with the company through emails, podcasts, videos, etc.

-Receive management support

-Beginning May 2, 2022, Ohio National will require associates to be fully vaccinated (as defined by the CDC) against COVID-19 unless you receive an approved medical or religious accommodation. You will be required to show proof of vaccination upon hire.

More Information

Apply for this job

Leave your thoughts