Morgan & Morgan is seeking a Senior Application Security Engineer to join their Cybersecurity Team. This is a full-time position with a competitive salary and benefits package. The successful candidate will have 3-5 years of experience in a similar role and be proficient in modern languages and security frameworks.
Responsibilities:
- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Define and implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert on emerging threats and secure coding techniques
- Create security integration into the SDLC process
- Establish metrics and reporting
Requirements:
- 3-5 years of experience in a similar role
- Working knowledge of current web and application security standards and best practices
- Deep experience securing applications and APIs on AWS
- Hands-on experience with modern API security
- Proficiency securing applications and APIs on cloud platforms
- Excellent communication skills with the ability to communicate business risk from cybersecurity issues
- Experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record of conducting threat modeling, security code reviews, and penetration testing
- Demonstrable programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire
- Self-motivated, ambitious, and action-oriented
Benefits:
- Competitive salary
- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays
Equal Opportunity Statement:
Morgan & Morgan is committed to providing equal employment opportunities to all employees and applicants for employment. The firm prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
E-Verify:
Morgan & Morgan participates in E-Verify and will provide the federal government with Form I-9 information to confirm authorization to work in the . If E-Verify is unable to confirm authorization, the employer will provide written instructions and an opportunity to resolve the issue with the Department of Homeland Security or Social Security Administration before taking any action, including termination of employment.
Privacy Policy:
Please refer to Morgan & Morgan's privacy policy for more information.
