Application Security Engineer
Company: Berry Global
Location: Saint Petersburg
Posted on: March 27, 2020
- Bachelor degree or commensurate work experience required.
Bachelor degree in engineering, computer science or related field
- Minimum of two (2) years of work experience in software
- Minimum of one (1) year of work experience in a cybersecurity
- Experience with security configurations in a cloud environment
(e.g. Azure cloud) preferred.
- GWAPT, OSWE or similar certification preferred.Job Purpose and
Scope:As a member of Information Security, this role will partner
with the Bank OZK Innovation Labs group to develop and maintain a
secure development process and ensure that custom software built by
OZK Labs is designed and implemented with high security
standards.OZK Labs is the entrepreneurial heart of Bank OZK located
at the center of the Innovation District in Downtown St.
Petersburg, FL. The team leads the digital transformation of
community banking to deliver financial services that positively
impact the lives of our customers.Essential Job Functions:
- Performs vulnerability and penetration testing and presents
assessment reports to clearly document security findings with
reasonable methods to secure.
- Participates actively in product design meetings providing
insight and direction related to application security risks.
- Implements DevSecOps practices that focus on automation to
improve efficiency of testing and remediation of findings.
- Contributes to the Software Development Life Cycle (SDLC)
Standard and other documents to enforce high security standards and
compliance with regulatory requirements and industry best practices
for application security.
- Trains software engineers on secure application development
practices and application penetration techniques.
- Monitors the security community regularly for public-facing
security issues, as well as new testing tactics.
- Works in an agile development environment, collaborating
successfully with product management, release management, and
various engineering teams.
- Handles a variety of assignments and interacts with all levels
of developers and management.
- Produces accurate, thorough, and timely work, while meeting
commitments and following policies and procedures.
- Develops, maintains, and follows all Information Security
procedures to support Innovation Labs and the SDLC Standard.
- Works in tandem with architects, the security operations center
(SOC), incident responders (when anomalous activity and host
compromise occurs), and technology infrastructure and development
- Completes training as needed.
- Regularly exercises discretion and judgement in the performance
of essential job functions.
- Follows Bank policy, practice, and procedure.
- Maintains good punctuality and attendance to work.Knowledge,
Skills & Abilities:
- Knowledge of the OWASP Top 10.
- Knowledge of applications hosted in cloud Amazon Web Services
(AWS), Google (GCP) or Microsoft Azure clouds.
- Ability to demonstrate effective application vulnerability and
penetration-testing skills including Injection, XSS, and XXE
attacks in web applications.
- Ability to demonstrate effective skill with dynamic and static
- Ability to demonstrate effective skill in software engineering
principles, frameworks and technologies.
- Ability to advise other engineers on application security best
- Ability to communicate effectively both verbally and in
- Ability to manage multiple tasks with exacting deadlines in a
- Ability to demonstrate effective organization, critical
thinking, analytical and problem-solving skills.
- Ability to work effectively and demonstrate flexibility in a
continually changing environment.
- Ability to work without close supervision.
- Ability to work effectively in a team environment.
- Ability to maintain attention to detail.
- Ability to demonstrate effective time management skills.
- Skill in using computer and Microsoft Office, including
Outlook, Word, Excel, and PowerPoint.Equipment Used in Job
- Multifunction deviceMajor Job Demands (Physical/Mental):
Keywords: Berry Global, St. Petersburg , Application Security Engineer, Engineering , Saint Petersburg, Florida
Didn't find what you're looking for? Search again!