Application Security Engineer - Java - Remote

Overview

Orion Innovation is a premier, award-winning, global business and technology services firm. Orion delivers game-changing business transformation and product development rooted in digital strategy, experience design, and engineering, with a unique combination of agility, scale, and maturity. We work with a wide range of clients across many industries including financial services, professional services, telecommunications and media, consumer products, automotive, industrial automation, professional sports and entertainment, life sciences, ecommerce, and education.

In Short

• Collaborate closely with clients and the application community to maintain a resilient security posture for high-visibility applications.
• Remediate application security defects collaboratively with the application security team, emphasizing a security-first mindset.
• Lead security discussions with application teams to prescribe and implement best security practices throughout the development lifecycle.
• Conduct dynamic and static application performance testing, create security requirements, and generate threat models using tools such as SD Elements.
• Utilize the latest OWASP frameworks to enhance application security.
• Stay updated on web application security standards, including OWASP Top 10, CVSS, CWE, WASC, and SANS-25.

Requirements

• 3+ years of experience with Java, including expertise in Apache and Spring.
• 3+ years of experience in designing and implementing enterprise security controls to secure applications, systems, networks, or infrastructure services.
• 3+ years of experience supporting Static Application Security Testing, Dynamic Application Security Testing, and IDE Plugin environments.
• Experience with Eclipse, JDeveloper, including pipeline development, or Visual Studio.
• Expertise in enterprise web application security and understanding of OWASP Top 10.
• Familiarity with web protocols and command-line tools.
• Proven experience in penetration testing.
• Knowledge of Linux or UNIX environments, including basic website connectivity navigation and troubleshooting.

Benefits

• Equal opportunity employer.
• Consideration for employment without regard to various characteristics protected by law.