Key Facts

Remote From:

Full time

English

Hard Skills

Web Application Development Security Testing Security Testing Threat Modeling Python (Programming Language) Code Analysis Secure Coding Web Application Security Vulnerability Management Security Controls Security Software Infrastructure Architecture Software Deployment Security Engineering .NET Java (Programming Language) Penetration Testing Vulnerability Discovery Continuous Training

Other Skills

•
Calmness Under Pressure
•
Communication
•
Teamwork
•
Mentorship
•
Problem Solving

Roles & Responsibilities

5+ years of web application development (.net, python, java, etc.)
Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
Demonstrated understanding of web application penetration testing, secure coding and source code analysis
BA degree in a related field or a combination of related experience is a must

Requirements:

Build, deploy and maintain tooling to validate and track security controls in and around our code
Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
Triage programmatic source code findings and automate penetration testing to decrease potential introduction of vulnerabilities
Lead and collaborate with developers on secure coding techniques and threat modeling

Fragomen

About Fragomen

Fragomen is a leading firm dedicated to immigration services worldwide. The firm has over 5,500 immigration professionals and support staff in more than 60 offices across the Americas, EMEA and Asia Pacific. A member of the Am Law 100 and Am Law Global 100, Fragomen offers immigration support in more than 170 countries. Fragomen’s professionals are respected leaders in the immigration field, and the firm is regularly recognized as a leading employer of minority and female attorneys. The firm supports all aspects of global immigration for corporate, academic, nonprofit, and individual clients, including strategic planning, quality management, reporting, case management and processing, compliance program counseling, representation in government investigations, government relations, complex matter solutions, and litigation. Fragomen is a long-time leader in the immigration technology space and continues to lead the way in the digitization of the immigration journey. It has created Fragomen Technologies Inc., a Fragomen subsidiary focused on the nexus of law and technology to further enhance its technology offering. These capabilities allow Fragomen to work in partnership with individuals and corporate clients across all industries to plan talent strategy, facilitate the transfer of employees worldwide, and navigate complex challenges. For detailed information about Fragomen, visit www.fragomen.com

Founded: 2018

Company size: 5001 - 10000

Website LinkedIn See all jobs →

Job description

Job Description

Fragomen is seeking a Security Engineer – Application Security to join our talented Cyber Security team in our Technology Innovation Lab in Pittsburgh.

Our industry-leading, immigration specific software and supporting infrastructure is undergoing tremendous transformation and security is on the critical path to success in that endeavor. A professional, who is passionate about security, capable of effecting change, and ready to build a strong AppSec program, is what we seek. You will be joining a small team of Security Engineers who make security a distinguishing factor in our technological offerings. A successful candidate will help engineer solutions to secure software development, identify threats and mitigate vulnerabilities throughout our environment.

What an Application Security Engineer does at Fragomen:

Build, deploy and maintain tooling to validate and track security controls in and around our code
Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
Triage programmatic source code findings and automate penetration testing to decrease potential introduction of vulnerabilities
Lead and collaborate with developers on secure coding techniques and threat modeling
Contribute to vulnerability detection and remediation of technological offerings
Deploy developed or OTS security applications to support our efforts
Participate in a cross-functional response to cyber security incidents
Work closely the security team to establish prevention, detection and mitigation techniques
Support the scoping and rules of engagement of our penetration testing regime

Let’s talk if you have the following experience, knowledge, skills and education:

A passionate team player who builds knowledge and solves complex problems
5+ years of web application development (.net, python, java, etc.)
Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
Demonstrated understanding of web application penetration testing, secure coding and source code analysis
Strong, professional communication skills that maintain under pressure

These things are great, but not required:

Experience in developing highly automated detection and triage tools
Deep understanding of cyber security techniques
Technical certification demonstrating technical prowess in secure software development e.g. Certified Secure Software Lifecycle Professional (CSSLP), or Certified Application Security Engineer (CASE) or similar
BA degree in a related field or a combination of related experience is a must

All offers and/or employment contracts are contingent upon the successful completion of the Firm’s pre-employment screening process. This process may include verifying the candidate’s identity, confirming legal authorization to work in the offered position's location, and conducting a comprehensive background check, where permitted by local regulations.

Ready to apply?

APPLY

Share ·