EXCITED TO GROW YOUR CAREER? WERE GLAD YOURE HERE!? MaritzCX is the only customer experience company that combines one of the worlds most advanced CX software platforms with industry-leading research services and world-class CX expertise. Were looking for a seasoned Application Security Engineer to join our team in either Lehi (UT), St. Louis (MO), Maumee (OH) or Austin (TX). This role will serve as the bridge between our InfoSec and Software development teams. You must have a broad understanding of the current cyber security landscape, with a background in application security, secure coding practices, code analysis, and process documentation. You will collaborate with the InfoSec, Engineering, Product and Platform teams to engineer and implement application security controls based upon policies, standards, and best practices. In addition, you will create advisory and strategy documents, conduct proof-of-concept evaluations, selection advice and recommendations, and determine optimal ways of integrating technology into new and existing processes.
- Creating new code and refactor existing code using object-oriented programming and SOLID principles
- Participating in incremental design and architectural improvements, especially from an application security perspective
- Actively participating in Scrum/Agile processes
- Debugging and troubleshooting existing code
- Working in tandem with other developers both onsite or in other MaritzCX locations and remote workers around the world
Required Skills and Knowledge:
- 5+ years of related experience in Software Development
- Experience working with C# and the ASP.NET MVC framework
- Experience with HTML and CSS
- Knowledge of REST web services and WCF services
- Understanding of OWASP Top 10 Critical Web Application Security Risks, including how to test for and mitigate each
- Knowledge of application security scanning and pen testing tools and techniques
- Experience in analysis of application testing results and recommending corrective action.
- Knowledge of best practices for application security issue prevention, including secure coding best practices, Secure SDLC and Development Operations
- Demonstrated experience developing and revising processes and procedure documents
- Ability to influence, train, mentor and leverage the skills of others
- Understanding of the SaaS model from a security perspective: http/https protocols, client-side technologies, APIs, secure cookie usage, SSO
- Working knowledge of network/infrastructure security technologies (firewall, IDS/IPS, WAF)
- Certifications: GWEB, GSSP, GWAPT, CSSLP, CASE, OSWE or other certification related to secure web development
- Knowledge of security requirements for ISO 27001/27002, NIST CSF, SOC2, HiTRUST, FedRAMP
- Bachelor's Degree in Software Security, Computer Science, Computer Engineering, or Information Security; or equivalent professional experience
DISCLAIMER: This job description is designed to indicate the general nature and level of work performed by associates within this classification. It is not designed to confirm or be interpreted as a comprehensive summary of all duties, responsibilities and qualifications required of associates assigned to this job.
Maritz will only employ applicants who have authorization to work permanently in the U.S. This is not a position for which sponsorship will be provided. Those who need sponsorship for work authorization now or in the future are not eligible for hire. No calls or agencies please.
Maritz is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. If you have a disability and are having difficulty accessing or using this website to apply for a position, you can request help by calling 1-636-827-1650 or by sending an email to email@example.com .