Junior Application Security Engineer

Wilmington, DE-Hybrid 

Monday through Friday 8:00 a.m. to 5:00 p.m.

Candidates for this position must be eligible to work in the United States without sponsorship.  Time on-site or time zone may be necessary based on business need.

Some of the things you will be doing:

Provide expertise in the Application Security areas of Web Application Security Services, API Security and Application Security Testing. Develop policies to protect web application and API’s from malicious payload attacks, provide virtual patching capabilities and validation with Security Testing. Assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.

What technical skills, qualifications, and experience do you need?

Knowledge in building the F5 WAF, API Security, BOT protection, DOS/DDOS protection policies and extending them to hybrid cloud environment -AWS and Azure environment Familiarity with DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA Knowledge of Cloud & Kubernetes Resource Security, Secure Network and Architecture, SDLC standard and policies Familiarity with Web App Protection AWS and Azure App Protection Policy, Configuration, and Security Management tools Expertise in Programming languages Python, NodeJS, SQL query and Vulnerable Code remediation.  Stay up to date with the latest application security threats and trends Proficiency in designing, implementing, and maintaining effective security policies for web applications using WAF technologies Experience coordinating and performing vulnerability assessments using automated and manual tools Ability to review and analyze WAF logs to detect and respond to security incidents promptly Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives Experience with BI Design and Development Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc.) Familiarity with common security libraries, security controls, and common security flaws

#LI-SP1