Description
Our innovative and growing company is seeking a talented individual to fill the role of an Application Security Engineer to join our dynamic team at Applied Research Associates, Inc (ARA). The Application Security Engineer position holds the responsibility of identifying and reducing security risks in the supported software applications developed in-house. The ideal candidate will consult with other developers and product managers to analyze and propose application security standards, methods, and architectures. ARA is a 100% employee-owned company that offers excellent benefits package that includes medical, dental, vision, retirement and more. This position is located at Eglin AFB, Florida on the Gulf Coast of Florida.
ARA offers an excellent benefits package that includes:
401-K Retirement (both Traditional and Roth) with employer matching
Employee Stock Ownership Plan
Various insurance options including Flexible Spending Plan and a Health Savings Account (HSA)
Paid leave and holidays
Application Security Engineer Duties include:
Develop security training and guidance to internal and external development teams.
Provide subject matter expertise on architecture, authentication, encryption, and systems security for support software applications developed in-house.
Create and maintain artifacts in a protected repository established as the sole source of truth.
Assess security tools and integrate tools as needed, particularly open-source tooling.
Assist with assessment activities to improve the technology in use.
Technical:
Familiar with common security libraries, RMF security controls, common security flows, and vulnerability assessments for C++ applications
Ability to discover and patch database, GUI, authentication and authorization flaws, and other security vulnerabilities contained in the software applications.
Experience with Atlassian tools and CI/CD pipeline integration of security assessment and remediation measures
Experience with CheckMarx, SonarQube, and other application security analysis tools
Heavy experience with SAST, DAST, OSA, and secure software supply chain is a must.
Code Quality:
Proactively identify and reduce security risks in the supported software applications developed in-house.
Find and remove outdated and vulnerable code and code libraries.
Communication:
Consult with other Developers and Product Managers to analyze and propose application security standards, methods, and architectures.
Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities in collaboration with security teams.
Educate other developers on secure coding practices.
Ability to professionally handle communications with outside researchers, users, customers, and organizations.
Ability to communicate clearly on technical issues.
Application Security Engineer General Requirements:
An inquisitive nature for discovery of root cause
A proactive attitude towards challenges and technology.
Drive and passion for technology and capabilities
Superior written and verbal communication skills.
Assist in making security architecture decisions for software applications.
Implement security technical and process improvements.
You employ a flexible and constructive approach when solving problems.
Application Security Engineer Qualifications:
2-4 years of related experience.
Ability to obtain Security + certification required within 6 months of employment.
Applicant must be a United States citizen and be able to obtain and maintain an Active DoD Security Clearance.
Company Details:
Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 2,200 professionals and is rapidly growing. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.
At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are recognized and rewarded for their contributions which not only add to the company's success, but also their own through the Employee Stock Ownership Plan (ESOP). The motto, "Engineering and Science for Fun and Profit" sums up the ARA experience. For additional information and an opportunity to join this unique workplace, please visit our website at www.ara.com.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)