- Work with the various BU stakeholders who manage code pipelines to ensure they are including our security testing and tools in those pipelines.
- Document and inventory engineering pipelines, pipeline owners, and communicate our standards and minimum-security requirements to them.
- Create processes that are adaptable to evolving technologies and conduct Proof of Concept (POC)/Proof of Value (POV) exercises for application security.
- Enforce pipeline requirements:
- Ensure that secure pipeline best practices are being followed by developers (encrypt
- environment variables when possible, proper secrets management, etc.)
- Ensure all source code is onboarded and being tested for security vulnerabilities with current
- company SAST/secret scanning solution.
- Ensure that container security agents are deployed to application infrastructure in dev, staging, and production.
- Ensure that logging/endpoint security agents are deployed in pipelines. The Logging and
- Endpoint Leads will work directly with stakeholders on actual deployments and training.
- Ensure that applications are protected by WAF (Akamai, Signal Science, AWS WAF, )
- Ensure that applications are onboarded into DAST platform.
- Ensure that critical applications are added to the Pen Testing queue.
- Work closely with SAST/DAST/Container Security/CSPM platform leads.
- Work with broader teams on tagging/automations for critical applications. This is more process or standards based than hands on.
- Develop strategies and coordinate with stakeholders on remediation prioritization.
- Mobile Application Security Testing
- 5+ years of Application Security and software development experience required.
- Experience with Vulnerability Management
- Experience with SAST and DAST remediation
- Experience with Container Scanning remediation
- Experience with Sensitive Credential scanning in a SCM system.
- Experience with Mobile Security remediation
- Experience driving projects with minimal supervision.
- Goal driven individual with good technical, interpersonal, communication, and organizational skills.
- Embraces and fosters "innovation" by working on new things in new ways every day.
- Acts as an Information Security domain authority and is comfortable interacting with employees at all levels and roles
- Medical Insurance - Four medical plans to choose from for you and your family
- Dental & Orthodontia Benefits
- Vision Benefits
- Health Savings Account (HSA)
- Health and Dependent Care Flexible Spending Accounts
- Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance
- Hospital Indemnity Insurance
- 401(k) including match with pre and post-tax options
- Paid Sick Time Leave
- Legal and Identity Protection Plans
- Pre-tax Commuter Benefit
- 529 College Saver Plan
-
AppSec Engineer
2 weeks ago
Motion Recruitment Partners LLC Los Angeles, United StatesAppSec Engineer / Pipeline Security / DevSecOps · Los Angeles, California · Open to Remote · Contract · $80/hr - $85/hr · My client is a top streaming company and they are looking for an application pipeline security engineer/DevSecOps to help lead and execute various Application ...
-
AppSec Engineer
2 weeks ago
Motion Recruitment Partners, LLC Los Angeles, United StatesMy client is a top streaming company and they are looking for an application pipeline security engineer/DevSecOps to help lead and execute various Application Pipeline Security initiatives and build robust automation frameworks. · Responsibilities:Work with the various BU stakeho ...
-
AppSec Engineer
5 days ago
Motion Recruitment Los Angeles, United StatesMy client is a top streaming company and they are looking for an application pipeline security engineer/DevSecOps to help lead and execute various Application Pipeline Security initiatives and build robust automation frameworks. · Responsibilities: · Work with the various BU sta ...
-
AppSec Engineer
5 days ago
Motion Recruitment Partners LLC Los Angeles, United StatesMy client is a top streaming company and they are looking for an application pipeline security engineer/DevSecOps to helplead and execute various Application Pipeline Security initiatives and build robust automation frameworks. · Responsibilities: · Work with the various BU sta ...
-
Telecommute Application Security Engineer
2 weeks ago
Zoox Los Angeles, CA, United StatesZoox is looking for an Application Security Engineer to join our Product Security team. · Our team works on the cybersecurity of the Zoox robotaxi service. We guide and advise software engineering teams building our flagship product while aligning our efforts with company-wide c ...
-
Head of Application Security
2 weeks ago
Motion Recruitment Partners, LLC Los Angeles, United StatesAn international fast-fashion e-commerce company is looking to add a Head of Application Security to their team This is a 100% on-site opportunity in LA, Palo Alto, or San Diego. They are in search of an engineer with a deep technical understanding of the full SDL lifecycle and e ...
-
Head of Application Security
2 weeks ago
Motion Recruitment Los Angeles, United StatesAn international fast-fashion e-commerce company is looking to add a Head of Application Security to their team This is a 100% on-site opportunity in LA, Palo Alto, or San Diego. They are in search of an engineer with a deep technical understanding of the full SDL lifecycle and e ...
-
Assistant CISO
2 weeks ago
Motion Recruitment Los Angeles, United States Full timeJob Description · Assistant CISO position is open with a major academic institution. The role will report directly to the CISO and will oversee Identity and Access Management, Network Security, Security Engineering, App Security, Malware/Ransomware, and Information Security/Compl ...
-
Senior Application Security Engineer
2 weeks ago
Zoox Los Angeles, CA, United StatesZoox is looking for an Application Security Engineer to join our Product Security team. Our team works on the cybersecurity of the Zoox robotaxi service. We guide and advise software engineering teams building our flagship product while aligning our efforts with company-wide cyb ...
-
Senior Alliance Sales Manager
6 days ago
Contrast Security Los Angeles, United States???? **Privacy Notice** · **Senior Alliance Sales Manager** · Los Angeles, CA / Sales & Business Development Alliances / Full-time · Contrast Security is the worlds leading provider of security technology that enables software applications to protect themselves against cyberat ...
-
Staff Security Architect
1 week ago
Garmin International, Inc. Brea, United StatesOverview: · **Responsibilities**: · **Essential Functions** · - Support the design/security of products across the automotive segment with exemplary pragmatic judgement on threat likelihood, impact and remediation · - Develop/promote policy, processes, and guidelines which integr ...
AppSec Engineer - Los Angeles, United States - Motion Recruitment
Description
My client is a top streaming company and they are looking for an application pipeline security engineer/DevSecOps to help lead and execute various Application Pipeline Security initiatives and build robust automation frameworks.
Responsibilities:
Posted by: John Bellon
Specialization: Red Team
