Fully Remote Application Security Engineer for Film Production Company

A popular film production and distribution company is seeking talented Application Security Engineers in a fully remote role. They have made their name by producing some of the most popular films of the last decade and show no signs of slowing down. They need candidates with experience in protecting their client's, and their own, information. Ideal candidates are those with experience with participating in architecture design reviews with senior engineering and product management staff to incorporate effective threat modeling and security standards into product design. They also need someone with an understanding of how to evaluate and instrument automation tooling to ensure security within any component of their platform. They are preferring those with a proficiency in automation, supporting SDLC, vulnerability management, code review, SAST/DAST implementation, familiarity with pen testing, as well as experience with Python scripting. Required Skills & Experience BS in Computer Science or equivalent required with minimum of 3 years of experience as a Security Analyst or Engineer 2+ years of work experience in application security 2+ years with secure code review, technical risk assessments, and/or static code analysis 1+ years of Secure coding or automation experience OSCP certification is a plus Conduct technical security assessments, code audits and architectural design reviews Support SDLC and agile environments with application security testing Develop automated solutions that mitigate risks throughout the organization Advocate for secure coding practices throughout the organization Experience with automation through solutions such as Chef, Puppet, Jenkins, and Ansible Experience in Java, Python, JavaScript Experience with application security tools such as Checkmarx, AppSpider and BurpSuite. Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams Ability to automate DAST/SAST solutions and reporting Experience with threat modeling methodologies such as STRIDE Desired Skills & Experience Containerization experience WAF Monitoring/implementation Threat - Modeling Pen-testing background Some exposure to cloud platforms OSCP certification is a plus The Offer Bonus OR Commission eligible You will receive the following benefits: Medical Insurance Dental Benefits Vision Benefits Paid Time Off (PTO) 401(k) including match- if applicable Applicants must be currently authorized to work in the US on a full-time basis now and in the future.