Talent.com
Application Security Engineer

Application Security Engineer

Akaasa TechnologiesTampa, FL, United States
job_description.job_card.variable_hours_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
  • serp_jobs.filters_job_card.quick_apply
job_description.job_card.job_description

Application Security Engineer

This is an Application Security Focused Engineer. Need's to have been involved in security for application front ends.

Location :

Acadia WI, Advance, NC, Seattle, WA, and Tampa. Onsite 5 days / week

Role :

Front End Developer / Cyber Security Engineer

  • Need support to build safer applications due to recent attacks (web app / mobile cx)
  • This individual will work closely with engineering & security teams to ensure a strategy moving forwards
  • App side & less infrastructure focused
  • OWASP Top 10
  • Svelte
  • API (shared responsibility)

Key Responsibilities :

Frontend Development & Security Integration

  • Architect and develop secure frontend applications using modern frameworks (Svelte, React, Flutter, etc.)
  • Implement security-first design principles in web and mobile application development
  • Build and maintain security libraries, components, and frameworks for development teams
  • Design secure authentication and authorization flows (OAuth 2.0, SAML, JWT)
  • Implement Content Security Policy (CSP), CORS, and other browser security mechanisms

    • Application Security Leadership

  • Conduct security code reviews and vulnerability assessments for frontend applications
  • Implement OWASP Top 10 mitigation strategies across all web properties
  • Design and implement secure API consumption patterns and data handling
  • Lead security testing initiatives including SAST, DAST, and penetration testing coordination
  • Develop secure coding standards and security guidelines for development teams

    • Infrastructure Security & Performance

  • Configure and optimize CDN security settings (Fastly)
  • Implement and manage Web Application Firewall (WAF) rules and policies
  • Design DDoS protection strategies and rate limiting mechanisms
  • Optimize application performance while maintaining security standards
  • Monitor and respond to security incidents affecting frontend applications

    • Security Tools & Monitoring

  • Implement security monitoring and alerting for frontend applications
  • Integrate security scanning tools into CI / CD pipelines
  • Configure and manage security headers and SSL / TLS implementations
  • Develop automated security testing and compliance validation
  • Create security dashboards and reporting mechanisms

    • Team Leadership & Education

  • Mentor development teams on secure coding practices
  • Conduct security training and awareness sessions
  • Collaborate with DevSecOps, Security, and SRE teams on security initiatives
  • Lead incident response for application security events
  • Stay current with emerging security threats and mitigation techniques

    • Required Qualifications :

  • Experience : 7+ years in frontend development with 4+ years focused on application security
  • Security Expertise : Deep understanding of OWASP Top 10, security vulnerabilities, and mitigation strategies
  • Frontend Technologies : Expert-level proficiency in JavaScript, TypeScript, HTML5, CSS3
  • Frameworks : Strong experience with Svelte, or React with security considerations
  • Security Tools : Hands-on experience with SAST / DAST tools, vulnerability scanners, penetration testing
  • Web Security : Extensive knowledge of CSP, CORS, XSS prevention, CSRF protection, input validation
  • Infrastructure : Experience with CDN configuration, WAF management, and DNS security
  • Authentication : Implementation experience with OAuth, SAML, JWT, and multi-factor authentication
  • Compliance : Understanding of PCI DSS, GDPR, CCPA, and other relevant security standards
  • DevSecOps : Experience integrating security into CI / CD pipelines

    • Preferred Qualifications :

  • Certifications : CISSP, CEH, OSCP, AWS Security Specialty, or equivalent security certifications
  • Cloud Security : Experience with AWS / Azure / GCP security services and configurations
  • Mobile Security : Understanding of mobile application security (iOS / Android)
  • API Security : Experience with GraphQL security, REST API protection, and microservices security
  • Threat Modeling : Experience with application threat modeling and risk assessment
  • Incident Response : Background in security incident response and forensics
  • E-commerce Security : Experience securing e-commerce platforms and payment processing
  • Zero Trust : Understanding of Zero Trust architecture principles

    • Technical Skills :

  • Languages : JavaScript, TypeScript, Python (for security scripting)
  • Security Frameworks : OWASP ASVS, NIST Cybersecurity Framework
  • Security Tools : Burp Suite, OWASP ZAP, Nessus, Qualys, Checkmarx, Veracode
  • Monitoring : SIEM integration, security logging, threat detection
  • Infrastructure : Terraform, Docker, Kubernetes security configurations
  • Version Control : Git with security branch protection and code signing
    • serp_jobs.job_alerts.create_a_job

    Application Security Engineer • Tampa, FL, United States