Application Security Engineer

Position Title: Application Security Engineer
Domain: Aviation
Location: Dallas, TX
Duration: (Ongoing Contract)

API Security responsibilities:

• Defines specifications and develop code and utilities, modifies existing programs, prepares test data, and prepares functional specifications.
• Establishes, participates, and maintains relationships with customers and subject matter experts to remain apprised of direction, architectural and technology trends, risks, and functional/integration issues.
• Analyzes, designs, develops, codes and implements programs in one or more programming languages, for Web and Rich Internet Applications. Create various automated security integration solutions.
• Work with the API Management platforms to develop APIs, Products, Plans, etc. and test them.
• Develop UI and API functionality in languages including, but not limited to JavaScript, TypeScript and python.
• Work with application development personnel and other technical team members to review existing and/or new APIs/web services in support of quality implementations that align with Security policies, procedures, and generally-accepted best practices.
• Work closely with DevOps and cloud infrastructure architects and engineers to design, implement and manage secure, scalable, and reliable cloud infrastructure environments
• Participates as a technology advisor to collaborate with Agile squads to deliver business benefits with effective and efficient use of technology Platform(s)
• Ensures teams are validating for OWASP and performing industry leading application security practices.
• Performs application program interface security assessments and remediation activities as part of the API security program.
• Leverages the enterprise SSDLC processes and toolset.

Skills:

• Bachelor's degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
• 2 years of experience working as a frontend or backend software developer
• API: Experience with HashiCorp Vault APIs, Cloud APIs and API gateway
• Experience as a developer on a team consisting of five or more software developers
• Ability to conduct independent research
• Broad understanding of web service implementation paradigms (REST, SOAP)
• Basic understanding of Cryptography concepts: hashing, signing, symmetric/asymmetric encryption and decryption
• Basic understanding microservice application architecture, software cohesion and software coupling
• Comfortable learning new programming languages as needed to conduct code reviews
• Comfortable with the following tools and technologies: Git, SoapUI, Jenkins, Artifactory, SonarQube, Find Bugs, Docker Experience with deploying and configuring API scanning tools
• Experience in Identity and access management concepts and technical specifications
• Experience creating continuous integration pipelines (Cloud bees, Jenkins, Buddy, Urban Code, etc.)
• Experience using integrated development environments (e.g. Visual Studio, Visual Studio Code, Eclipse)
• Experience with Azure Resource Manager (ARM) and scripting tools, including PowerShell, Azure CLI, JavaScript, Shell scripts, Python, or similar languages.
• Experience developing solutions that combine data from APIs, endpoints, and databases
• Outstanding communication, analytical skills and ability to function in a globally diverse work environment
• Experience working within an agile team (Scrum, Rally, etc.)
• Familiarity with OWASP and the San's Top 25

Education and Experience:

• Bachelor's degree in Computer Science or related field or equivalent experience/certification
• API security 1 year
• 2 years working as a Security Engineer
• 1-year experience developing automation solutions in Python, Java or PowerShell

Ability to analyze complex problems and implement solutions and/or workarounds

• Familiarity with NIST Special Publications (e.g. 800-171,800-53, CSF)

Our benefits package includes:

• Comprehensive medical benefits
• Competitive pay, 401(k)
• Retirement plan
• and much more!

About INSPYR Solutions:
As a leading information technology partner, we connect top IT talent with our clients to provide innovative business solutions through our IT Staffing, Professional Services, and Infrastructure Solutions divisions. We understand and value the unique needs of highly-skilled information technology professionals in the industry and always strive to stay above the curve. Our company was founded on the following core values: Be the Best, Understand the Urgency, Never Ever Give Up, Have the Courage to Excel, and Make a Contribution. We take pride in our business model and strive to create a positive workplace environment through an exemplary culture.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.