Application Security Engineer

Job Location: US-MA-Boston | US-Multiple Locations
Job ID: 2020-4174
Posted Date: 1/17/2020
Category: Information Technology
Type: Regular Full-Time
Bain & Company is the management consulting firm that the world’s business leaders come to when they want results. Bain advises clients on strategy, operations, information technology, organization, private equity, digital transformation and strategy, and mergers and acquisitions, developing practical insights that clients act on and transferring skills that make change stick. The firm aligns its incentives with clients by linking its fees to their results. Bain clients have outperformed the stock market 4 to 1. Founded in 1973, Bain has 58 offices in 37 countries, and its deep expertise and client roster cross every industry and economic sector.
Bain’s Information Security team is a global team of cybersecurity professionals who are working to protect the critical information assets of Bain and our clients. Our mission is to assess risks to critical areas and any cyber threats to provide continuous guidance and improved information security standards to all facets of Bain’s business services and consulting operations. Our utmost priority is to ensure the confidentiality, integrity and availability (C-I-A Principles) of our work for clients.
As an Application Security Engineer, you will work with multiple highly skilled development teams to improve and execute Bain & Company’s secure Software Development Life Cycle (SDLC) to provide secure products and solutions to Bain and our clients. Acting as a Subject Matter Expert, you will be responsible for providing secure coding best practices and guidance to development teams while also working to enable tools and capabilities that support Bain’s SDLC processes. You will also collaborate closely with the Security Architecture & Engineering team to optimize the technical capabilities of our application security assessment tools to provide reliable automated testing solutions.
- Develop and improve processes & procedures for Application Security during development lifecycle and maintain standards documentation as required
- Assist in performing secure code reviews
- Provide remediation support for application security vulnerabilities
- Conduct risk assessments & perform threat modeling for applications as needed
- Maintain standards for asset management of internally developed applications with development teams
- Perform manual validation & discovery of security vulnerabilities and track remediation activities
- Provide Subject Matter Expertise on Application Security & secure code development
- Provide application security & secure code training to development teams and act as a mentor
- Assist in Application Security related automation
- Collaborate with cross-functional teams, including infrastructure, development, application, product, etc.
- Assist in creation and execution of application security initiatives
- Provide support, maintenance, & policy creation for SCA, SAST, DAST, & WAF solutions
- Bachelor’s degree or Application Security certifications (i.e. CISSP, CSSLP, OSCP, GWEB, GCIH, & GWAPT)
- 5-8 years of full-time experience in Security engineering, application/software development, DevOps/DevSecOps engineering, or application/software engineering
- Application vulnerability assessment, remediation, & mitigation, and tools for those capabilities: SCA, SAST, DAST, & WAF experience
- Development in cloud infrastructure environments