Application Security Engineer (San Antonio, TX)

The Application Security Engineer will deliver secure cloud infrastructure and software using best practices and commercial & open-source security testing tools. This individual will work across departments on key business initiatives, including direct-to-consumer, and support the organization's continued adoption of AWS and Azure cloud services. The candidate will automate security testing in the development process and work with Cybersecurity, Infrastructure, DevOps, and Application Development teams to interpret requirements and translate them into actions while balancing security, agile software development, and continuous integration and deployment (CI/CD).

• Perform security testing of applications early in the software development lifecycle, leveraging DAST and SAST, and assess applications against Cybersecurity best practices, policies, and compliance mandates.
• Manage the security components of continuous integration and delivery software pipeline to ensure security testing is performed throughout the CI/CD pipeline.
• Automate Cybersecurity controls testing within CI/CD pipelines that package, test, and deploy infrastructure and containerized applications.
• Design and implement threat modeling processes to determine the controls needed for a given application within the software development lifecycle.
• Provide SME guidance in assessing cloud infrastructure to address findings resulting from design reviews, threat modeling, and SAST and DAST testing.
• Perform vulnerability assessment and pen testing, and work across department lines to communicate findings and drive forward risk remediation efforts.
• Contribute to the decisions being made that impact Hearst's cloud implementations, direction, and cloud security posture.
• Design and implement security risk metrics monitoring to report on threats and the Cybersecurity posture; define data reporting metrics to drive forward continuous security improvements, including gate checks and integrated view of projects in the pipeline.
• Perform technical security configuration assessments of cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), and Google Cloud.

Who you are:
• Bachelor's Degree, or equivalent work experience and certifications
• Minimum of five years in IT with a focus in application development or security
• Demonstrated background in penetration testing and Secure Development Lifecycle methodologies; expertise in identifying vulnerabilities, static/dynamic code analysis, and code reviews
• Experienced in Python, Perl, JavaScript, and Shell scripting
• Familiarity with SAFe, agile release train concepts, and Agile methodology
• A good understanding across cloud and infrastructure components (server, storage, network, data, and applications)
• Hands-on experience using tools such as Whitehat, Tenable, Veracode, Netsparker, or AppInsight as well as Jenkins, GitLab, Puppet, Vault, and Grafana or other related automation and orchestration toolsets
• Expertise in working with CI/CD tools and pipelines such as Azure DevOps, Jenkins, GitHub, Gitflow, and artifact repository
• Experience with collaboration tools such as Jira, sprint planning, and task ownership; comfortable in customer-facing roles
• Understanding of industry-leading practices around cyber risks and cloud security using industry standards such as CIS Benchmarks, Cloud Security Alliance, and NIST SP 800-144 and 800-145
• One or more industry-leading certifications is preferred: CCSP, GCSA, CSSLP
More Information on Hearst
Hearst operates in the Digital Media industry. The company is located in New York, NY. Hearst was founded in 1887. It has 3010 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance.