Virginia, US

Application Security Engineer

Job Description

Fragomen is seeking a Security Engineer – Application Security to join our talented Cyber Security team in our Technology Innovation Lab in Pittsburgh. 

Our industry-leading, immigration specific software and supporting infrastructure is undergoing tremendous transformation and security is on the critical path to success in that endeavor. A professional, who is passionate about security, capable of effecting change, and ready to build a strong AppSec program, is what we seek. You will be joining a small team of Security Engineers who make security a distinguishing factor in our technological offerings.  A successful candidate will help engineer solutions to secure software development, identify threats and mitigate vulnerabilities throughout our environment.

What an Application Security Engineer does at Fragomen:

  • Build, deploy and maintain tooling to validate and track security controls in and around our code
  • Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
  • Create programmatic code reviews and automate penetration testing to decrease potential introduction of vulnerabilities
  • Lead and collaborate with developers on secure coding techniques and threat modeling
  • Contribute to vulnerability detection and remediation of technological offerings
  • Deploy developed or OTS security applications to support our efforts
  • Participate in a cross-functional response to cyber security incidents
  • Work closely the security team to establish prevention, detection and mitigation techniques
  • Support the scoping and rules of engagement of our penetration testing regime

Let’s talk if you have the following experience, knowledge, skills and education:

  • A passionate team player who builds knowledge and solves complex problems
  • 5+ years of web application development (.net, python, java, etc.)
  • Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
  • Demonstrated understanding of web application penetration testing, secure coding and source code analysis
  • Strong, professional communication skills that maintain under pressure

These things are great, but not required:

  • Experience in developing highly automated detection and triage tools
  • Deep understanding of cyber security techniques
  • Technical certification demonstrating technical prowess in secure software development e.g. Certified Secure Software Lifecycle Professional (CSSLP), or Certified Application Security Engineer (CASE) or similar
  • BA degree in a related field or a combination of related experience is a must

About us:

Fragomen is the world’s leading single-focus provider of immigration guidance and support, backed by the best resources in the immigration services industry. The firm has more than 50 offices and over 4,000 employees located in key commercial centers throughout the Americas, EMEA and Asia Pacific. Fragomen offers immigration support in more than 170 countries.

The firm is structured to support all aspects of immigration, including strategic planning, compliance, government relations, reporting, and case management and processing. We represent a broad client base ranging from individuals and emerging businesses to many of the world’s leading multinational corporations.

Path Created with Sketch. US-Pittsburgh
Full Time
REQ-010944
Apply for a job