ScottsdaleRecruiter Since 2001
the smart solution for Scottsdale jobs

Application Security Engineer

Company: Nextiva
Location: Scottsdale
Posted on: June 13, 2021

Job Description:

At Nextiva, we don't study industry trends and build our products and services reactively; instead, we look to be the leader in defining the trends, during these unprecedented times.

We strive to be the best of the best across multiple technology channels - UCaaS and SaaS to name a few. We are determined to help write the future for businesses around the globe by creating innovative products and an agnostic platform that delivers first-class communications tools in the hands of every business. We are a global team of the fastest-growing, privately held provider of cloud communications.

We are actively looking for amazing people, like you, to join our team!

At Nextiva, we don't study industry trends and build our products and services reactively; instead, we look to be the leader in defining the trends. We strive to be the best of the best across multiple technology channels - UCaaS and SaaS to name a few. We are determined to help write the future for businesses around the globe by creating innovative products and an agnostic platform that puts first-class communications tools in the hands of every business. We are a global team of 1,000+ and are the fastest-growing privately held provider of cloud communications.

Nextiva is currently seeking to enhance our team by adding an experienced Application Security Manager to our team. We are looking for a bright, hardworking, self-motivated individual who has a desire and aptitude for technical problem-solving, and who can manage diverse technical challenges.

As an Application Security Engineer, you will work closely with members of the CIO, Information Security and Product Development teams with the goal of helping to identify, mitigate and remediate security risks throughout the application portfolio. The right candidate is a self-starter with excellent development skills to perform duties such as, but not limited to, research and development of secure coding methodologies, providing experienced guidance pertaining to secure application development design and testing.

Key Responsibilities:

  • With Information Security, implement a Secure Development Life Cycle Policy
  • Perform risk based, technical assessments of applications, using both dynamic and static scanning tools, produce reports, and work with development teams to ensure vulnerabilities are remediated within agreed SLA's
  • Enable development teams to automate and effectively employ application security tools, such as static application security testing (SAST), dynamic application security testing (DAST), and source component analysis/dependency analysis
  • Guide development teams on application and system level security and privacy architecture to meet company and regulatory requirements
  • Develop a formal Application Security Verification Standard
  • Ensure quality web application security audits to ensure internal and industry standards, procedures, and methodologies are being followed
  • Consult with other IT teams as required on application security practices, questions about vulnerabilities, and identify remediation approaches
  • Assist with the creation of training materials to educate developers and other stakeholders about key application security concepts.
  • Perform routine monitoring and audits of systems
  • Lead the Application Risk Assessment program and conduct application risk assessments
  • Maintain and update policies and procedures for Application Risk Assessment program based on HITRUST Security Framework
  • Collaborate on critical IT managers to ensure that application security issues are addressed throughout the manager life cycle
  • Follow detailed operational procedures to appropriately analyze, escalate, and assist in remediation of application security incidents
  • Participate in the execution of application security audits
  • Keep up-to-date with industry changes by attending training, understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations

Minimum Qualifications:

  • Bachelor s degree in Computer Science, Information Security/Cyber Security or equivalent
  • 3+ years previous experience in information security
  • 5+ years experience working within software development
  • Firm understanding of enterprise class application architectures that are highly scalable and reliable and the ability to secure them
  • Experience of security architecture and design reviews
  • Ability to effectively work as part of a cohesive and agile team
  • Excellent problem-solving skills required
  • Self-starter with the ability to work with minimal supervision
  • Detailed, control oriented, and thorough professional communication skills (written, verbal) in English and be able to work with both highly technical and non-technical individuals

Preferred Qualifications:

  • In-depth knowledge of web application vulnerabilities and exploitation techniques, SDLC, and identity and access management
  • Experience in application and infrastructure security practices and standards (such as OWASP, CIS, SDLC)
  • Web application development experience in Java, Python and Go
  • Experience reviewing code for vulnerabilities in Java, Python, Go, Javascript/jQuery
  • Knowledge of white hat hacker tools such as Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Wireshark and source code analyzers
  • Familiarity in application security scanning technologies (Veracode, AppScan) such as static application security testing (SAST), dynamic application security testing (DAST), single sign-on, and encryption
  • Familiarity with cloud-based (e.g., AWS, Oracle) application development services and tools
  • Familiarity with security and privacy compliance requirements, such as HIPAA, PCI, GDPR, and California CCPA
  • Understanding of Single Sign-on technologies and SAML
  • Excellent problem-solving skills required
  • Self-starter with the ability to work with minimal supervision
  • Detailed, control oriented, and thorough professional communication skills (written, verbal) in English and be able to work with both highly technical and non-technical individuals

Nextiva is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

#LI-SC1

Keywords: Nextiva, Scottsdale , Application Security Engineer, Other , Scottsdale, Arizona

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Arizona jobs by following @recnetAZ on Twitter!

Scottsdale RSS job feeds