Application Security Engineer

Application Security EngineerThe Application Security Engineer is a position of technical expertise, influence, and leadership in the security technology realm. The Application Security Engineer is highly passionate and is a deeply technical security.Expert to help the University and its employees develop sound security practices. WGU The Application Security Engineer will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops. Experience determining, verifying and documenting security flaws in accordance with industry best practices.Essential Functions and Responsibilities:- Work with developers as part of the Software Development Life Cycle- Cultivate secure coding standards based on industry accepted frameworks- Prioritize and track assigned security issues- Enforce secure development standards and requirements- Familiarity with compliance & security standards across the enterprise IT landscape deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a complex environment- Harden networks, containers, VMs, and other cloud infrastructure to reduce risk of cloud security misconfigurations- Write and implement policy-as-code to automate the enforcement of compliance and security configuration management- Working knowledge of cloud computing technologies- Familiarity with archive, backup/recovery and business continuity processes in distributed operations- Demonstrated ability to think strategically about business, product, and technical challenges- Assist with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, vulnerability management- Functions equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains- Assist in the development of cloud security policies and procedures- Build and maintain relationships across the University to promote cloud security initiatives.- Identify gaps in the University’s security model, suggest solutions including tools and processes- Engage with security architects to capture design requirements for cloud architectures and implementation strategies- Create new processes, identify new threats and mitigation strategiesKnowledge, Skill and Abilities:- Experience with security industry standards and best practices- Proven experience with interpretation and implementation of those standards in a corporate environment- High integrity. Will be working with sensitive data- Operate Information security tools and processes- Execute established security practices with consistency and discipline- Hands on experience integrating security into the various stages of a CI/CD pipeline.- Solid understanding of core AWS services including compute (EC2, ECS, Lambda), network (VPC, Subnets, Security Groups), storage (S3, EFS, EBS), database (RDS), and identity (IAM).- Complete understanding of cloud security engineering principles as applied in the support of, and integration with, key business and strategic priorities- Experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)- Scripting language experience (Bash, Python, etc.) with strong working knowledge of automation- Strong analytical and technical skills- Good written and oral communication skills- Knowledge of threat modeling and risk assessment strategies- Highly technical and analytical, possessing 7 or more years of IT implementation experienceMinimum Qualifications:Preferred Qualifications:- CISSP Certification- Masters Degree in IT security, compliance or risk management- ISACA Certifications- Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies- Solid understanding of the AWS well architected framework with working experience on implementing the security pillar of the framework- CCSP, CCSK, CISSP and AWS certifications- Working knowledge of federated single sign on (SSO) solutions.- Experience with designing and implementing native AWS security tools like Guard Duty, Security Hub, IAM access analyzer, Macie, Inspector, and WAF- Ability to assist in establishing a DevSecOps process using available AWS services- Practical working experience establishing AWS IAM user groups, roles, and policiesDisclaimer: This Job Description has been designed to indicate the general nature, essential duties, and responsibilities of work performed by employees within this classification. It does not contain a comprehensive inventory of all duties, responsibilities, and qualifications that are required of the employee to do this job. Duties, responsibilities and activities may change at any time with or without notice. This Job