Job Title: Application Security Engineer
Location: Brooklyn NY 11201 (The position will be 3-day onsite hybrid)
Duration: 12 months+
Years of Experience: 10+ Years
Required Hours/Week: 35 Hours/Week
Note:
- Local candidates only & F2F interview
Job Overview:
- The Application Security Engineer is embedded within the Application Development team and ensures security is integrated into all stages of software development. The role focuses on designing and building secure applications while working closely with application administrators who manage security tools and CI/CD pipelines.
- This position is responsible for enabling developers to produce secure, resilient, and compliant software for web, mobile, API, GIS, and cloud-based systems supporting Fire, EMS, and administrative operations.
Responsibilities:
1. Secure Software Development
- Establish and apply secure coding practices within the development team.
- Define and enforce secure coding standards for Java, .NET, Python, and JavaScript applications.
- Conduct secure design and architecture reviews for new and legacy systems.
- Educate developers on secure coding practices, authentication/authorization best practices, and common application vulnerabilities.
- Apply protections aligned with:
o OWASP Top 10
o OWASP API Security Top 10
2. Application & API Security
- Design and implement secure REST APIs and web services.
- Implement secure authentication/authorization using:
o SAML2
o OIDC
o OAuth2
- Secure Java and JavaScript applications, including:
o Spring Boot
o React
- Ensure secure handling of tokens, sessions, and secrets.
- Collaborate with App Admins and Security team to integrate applications into WAFs, load balancers, and other security monitoring tools.
Mandatory Qualifications:
- Minimum 4+ years in secure application development.
- Prior hands-on software development experience.
- Strong understanding of:
o Web and mobile application architecture
o Internet protocols (HTTP, HTTPS, WebSockets)
o REST API security
- Expertise in SAST, DAST, and SCA concepts (understanding results and remediation), in collaboration with App Admins.
- Familiarity with security tools such as Veracode, Burp Suite, Zimperium, Prisma, Rapid7.
- Experience applying NIST 800-53 and 800-171 controls at the application design level.
- Strong analytical, troubleshooting, and problem-solving skills.
- Ability to work independently within a development-focused team.
Preferred Qualifications:
- Experience with containerized applications (Docker, Kubernetes).
- Knowledge of:
o Core Java, J2EE, Spring Boot
o React, AngularJS, HTML5, CSS, JavaScript
- Experience designing secure GIS systems.
- Familiarity with public safety or emergency response systems.
Skills Required
- Minimum 4+ years in secure application development
- Prior hands-on software development experience
- Strong understanding of web and mobile application architecture
- Expertise in SAST, DAST, and SCA concepts
- Familiarity with security tools such as Veracode, Burp Suite, Zimperium, Prisma, Rapid7
- Experience applying NIST 800-53 and 800-171 controls
- Strong analytical, troubleshooting, and problem-solving skills
- Ability to work independently within a development-focused team
Peer Consulting Resources Inc. Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Peer Consulting Resources Inc. and has not been reviewed or approved by Peer Consulting Resources Inc.
- Healthcare Strength: Employer materials describe fully employer-paid employee healthcare premiums plus disability and life insurance, with HSA or PPO options and dental coverage. These elements indicate a potentially robust core health package if implemented as stated.
- Retirement Support: Employer materials highlight a safe-harbor 401(k) contribution available regardless of employee deferral. This structure provides predictable retirement support beyond match-only plans.
- Wellbeing & Lifestyle Benefits: Stipends for mobile/internet, travel conveniences, licensure upkeep, and remote-work flexibility are presented as part of the total package. These perks can enhance day-to-day support for consulting work.
Peer Consulting Resources Inc. Insights
What We Do
Peer Consulting Resources Inc. is a women-owned provider of IT consulting services and business process services, dedicated to helping companies build stronger businesses. We're driven by a passion to help our clients build stronger and innovative businesses. We combine a passion for client satisfaction, technology innovation, and deep industry and business process expertise with collaborative expertise, and we enhance businesses' productivity by ensuring that vital business functions work faster, cheaper and better. Our ability to conceptualize, architect, implement, test, and support new and expanded functionalities allows clients to transform legacy models and take their business to the next level.







