Talent.com
Application Security Engineer

Application Security Engineer

Akaasa TechnologiesTampa, Florida, USA
job_description.job_card.variable_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Application Security Engineer

This is an Application Security Focused Engineer. Needs to have been involved in security for application front ends.

Location :

Acadia WI Advance NC Seattle WA and Tampa. Onsite 5 days / week

Role :

Front End Developer / Cyber Security Engineer

  • Need support to build safer applications due to recent attacks (web app / mobile cx)
  • This individual will work closely with engineering & security teams to ensure a strategy moving forwards
  • App side & less infrastructure focused
  • OWASP Top 10
  • Svelte
  • API (shared responsibility)

Key Responsibilities :

Frontend Development & Security Integration

  • Architect and develop secure frontend applications using modern frameworks (Svelte React Flutter etc.)
  • Implement security-first design principles in web and mobile application development
  • Build and maintain security libraries components and frameworks for development teams
  • Design secure authentication and authorization flows (OAuth 2.0 SAML JWT)
  • Implement Content Security Policy (CSP) CORS and other browser security mechanisms

    • Application Security Leadership

  • Conduct security code reviews and vulnerability assessments for frontend applications
  • Implement OWASP Top 10 mitigation strategies across all web properties
  • Design and implement secure API consumption patterns and data handling
  • Lead security testing initiatives including SAST DAST and penetration testing coordination
  • Develop secure coding standards and security guidelines for development teams

    • Infrastructure Security & Performance

  • Configure and optimize CDN security settings (Fastly)
  • Implement and manage Web Application Firewall (WAF) rules and policies
  • Design DDoS protection strategies and rate limiting mechanisms
  • Optimize application performance while maintaining security standards
  • Monitor and respond to security incidents affecting frontend applications

    • Security Tools & Monitoring

  • Implement security monitoring and alerting for frontend applications
  • Integrate security scanning tools into CI / CD pipelines
  • Configure and manage security headers and SSL / TLS implementations
  • Develop automated security testing and compliance validation
  • Create security dashboards and reporting mechanisms

    • Team Leadership & Education

  • Mentor development teams on secure coding practices
  • Conduct security training and awareness sessions
  • Collaborate with DevSecOps Security and SRE teams on security initiatives
  • Lead incident response for application security events
  • Stay current with emerging security threats and mitigation techniques

    • Required Qualifications :

  • Experience : 7 years in frontend development with 4 years focused on application security
  • Security Expertise : Deep understanding of OWASP Top 10 security vulnerabilities and mitigation strategies
  • Frontend Technologies : Expert-level proficiency in JavaScript TypeScript HTML5 CSS3
  • Frameworks : Strong experience with Svelte or React with security considerations
  • Security Tools : Hands-on experience with SAST / DAST tools vulnerability scanners penetration testing
  • Web Security : Extensive knowledge of CSP CORS XSS prevention CSRF protection input validation
  • Infrastructure : Experience with CDN configuration WAF management and DNS security
  • Authentication : Implementation experience with OAuth SAML JWT and multi-factor authentication
  • Compliance : Understanding of PCI DSS GDPR CCPA and other relevant security standards
  • DevSecOps : Experience integrating security into CI / CD pipelines

    • Preferred Qualifications :

  • Certifications : CISSP CEH OSCP AWS Security Specialty or equivalent security certifications
  • Cloud Security : Experience with AWS / Azure / GCP security services and configurations
  • Mobile Security : Understanding of mobile application security (iOS / Android)
  • API Security : Experience with GraphQL security REST API protection and microservices security
  • Threat Modeling : Experience with application threat modeling and risk assessment
  • Incident Response : Background in security incident response and forensics
  • E-commerce Security : Experience securing e-commerce platforms and payment processing
  • Zero Trust : Understanding of Zero Trust architecture principles

    • Technical Skills :

  • Languages : JavaScript TypeScript Python (for security scripting)
  • Security Frameworks : OWASP ASVS NIST Cybersecurity Framework
  • Security Tools : Burp Suite OWASP ZAP Nessus Qualys Checkmarx Veracode
  • Monitoring : SIEM integration security logging threat detection
  • Infrastructure : Terraform Docker Kubernetes security configurations
  • Version Control : Git with security branch protection and code signing

    • Key Skills

    Children Activity,EAM,Engineering Support,Maintenance Engineering,Accident Investigation,Branding

    Employment Type : Full-time

    Experience : years

    Vacancy : 1

    serp_jobs.job_alerts.create_a_job

    Application Security Engineer • Tampa, Florida, USA