Application Security Engineer
3 weeks ago
About Veolia North America
A subsidiary of Veolia Group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water, and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps commercial, industrial, healthcare, higher education, and municipality customers throughout North America. Headquartered in Boston, Mass., Veolia North America has approximately 10,000 employees working at more than 350 locations across the continent. Please visit our website www.veolianorthamerica.com.
Job DescriptionBENEFITS
Veolia's comprehensive benefits package includes paid time off policies, as well as health, dental and vision insurance. In addition, employees are also entitled to participate in an employer sponsored 401(k) plan, to save for retirement. Pay and benefits for employees represented by a union are outlined in their collective bargaining agreement.
Position Purpose:
The Application Security Engineer identifies and remediates security vulnerabilities in software applications, ensuring robust protection against potential threats. The Application Security Engineer develops and implements security measures, conducts security assessments, and provides guidance on secure coding practices and stays updated on the latest security trends and technologies to continuously enhance application security
Primary Duties/Responsibilities:
- Assist in onboarding applications and applications to Secure SDLC controls including remediation guidance, issue tracking and metrics.
- Assist in integration of security tools (e.g., DAST, SAST, SCA, etc.) in the delivery pipeline and the S-SDLC process.
- Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Software Development Life Cycle (SSDLC).
- Provide remediation coaching to development teams on how to build a more secure application, including explanations of risk assessment, e.g. likelihood, impact.
- Review and improve static and dynamic analysis findings to ensure their accuracy and relevance.
- Perform impact assessments, develop prioritized remediation plans, and drive remediation campaigns for the newest and most critical application vulnerabilities.
- Perform security architecture and design reviews.
- Take a leadership role in driving strategic solutions to recurring vulnerabilities.
- Provide actionable security guidance to our engineering teams.
- Integrate security technologies and processes directly into our pipelines.
- Proactively research and monitor security-related information sources to aid in vulnerability discovery.
- Understand, communicate and balance business risk with security risk.
- Ability to understand business requirements and apply security controls without adversely affecting the desired functionality.
Work Environment:
- This will be a hybrid role located in Milwaukee, WI.
Education/Experience/Background:
- Bachelor’s or Master’s Degree in Computer Science, Engineering, Information Security or extensive professional experience considered in place of a Bachelor's degree.
- Min of 5 years of professional experience as an Application Security Engineer.
- Experience with infrastructure as code (IaC) using Terraform, Ansible, AWS CDK, or similar.
- Experience with DAST, SAST, SCA.
Knowledge/Skills/Abilities:
- Subject matter expertise in application security and vulnerability assessments.
- Provent technical understanding of OWASP Top 10, CVSS and other vulnerability ratings.
- One or more programming languages (Rust, Python, C++, Go, PHP, etc.).
- Application Security, AWS, GCP, Azure Security, Container Security.
- Tools you may be familiar with:
- APT Hunter, AWS, Alien Vault, Azure, Bash, Confluence, Cuckoo Sandbox, EKS, Google Workspace, Github, GitLab, Golang, HTML, Hashcat, JIRA, JWT, Java, Java script, Jenkins, Kubernetes, Metasploit, New Relic, Nmap, NodeJS, OWASP, Python, Rails, Ruby, SAML, SNORT, SNow, SQL, SQLMap, TypeScript, Wireshark, tcpdump, Yara, Zeek.
- Familiarity with IDEs, e.g. Visual Studio, eclipse or IntelliJ IDEA.
- Familiarity with build systems such as Bamboo, Jenkins, AWS native build tool.
- Familiarity with IDEs, e.g. Visual Studio, eclipse or IntelliJ IDEA.
- High level of personal integrity with the ability to professionally handle confidential matters and reflect appropriate level of judgment.
- High degree of accuracy and attention to detail.
- Excellent organization skills and ability to multitask.
- Knowledge of Threat Modeling and risk assessment techniques.
- Strong understanding of encryption, authentication, and access control mechanisms.
- Firm understanding of enterprise class application architectures that are highly scalable, reliable and the ability to secure them.
- Deep technical understanding of the Mitre Attack Framework.
- Ability to work independently with minimal direction, self-starter, self-motivated with an passion for security & automation.
Additional Information
We are an Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, subject to applicable law.
-
Application Security Specialist
1 week ago
Milwaukee, Wisconsin, United States Oxford Global Resources Full timeJOB REQUIREMENTS:Overview: This position is dedicated to the development and implementation of our application security initiatives, alongside the upkeep and enforcement of information security policies and strategies within the Digital division. The individual in this role will collaborate closely with both Business and IT Leadership, providing guidance for...
-
Cloud Security Engineer
2 weeks ago
Milwaukee, United States Veolia Environnement SA Full timeCompany DescriptionAbout Veolia North America A subsidiary of Veolia Group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water, and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps commercial, industrial, healthcare,...
-
Cloud Security Engineer
1 week ago
Milwaukee, United States Veolia North America Full timeCompany DescriptionAbout Veolia North AmericaA subsidiary of Veolia Group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water, and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps commercial, industrial, healthcare,...
-
Cloud Security Engineer
2 weeks ago
Milwaukee, United States Veolia Full timeJob DescriptionJob DescriptionCompany DescriptionAbout Veolia North AmericaA subsidiary of Veolia Group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water, and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps...
-
Cloud Security Engineer
2 weeks ago
Milwaukee, United States Veolia Full timeJob DescriptionJob DescriptionCompany DescriptionAbout Veolia North AmericaA subsidiary of Veolia Group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water, and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps...
-
Security Training Engineer
2 weeks ago
MILWAUKEE, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. Security Training Engineer We are seeking a dedicated Security Training Engineer to join our team and help improve the training experience for engineers and developers within Northwestern...
-
Applications Engineer
1 month ago
Milwaukee, United States Bell & Associates, Inc. Full timeBell & Associates is seeking an Applications Engineer in Milwaukee. This position offers a hybrid work schedule, strong benefits, opportunity for growth and great benefits. PURPOSE AND SCOPEThis position is responsible for pre -sale and sales application assistance on all products to ensure proper application and minimize the Company's exposure to product...
-
Senior DevSecOps Engineer
1 week ago
Milwaukee, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. **This position is a hybrid position. On-site days will be required (M, T, W for Milwaukee; Thurs + one other day for NYC) Northwestern Mutual is looking for enthusiastic technologists who want to grow their career in DevSecOps -...
-
Senior DevSecOps Engineer
5 days ago
Milwaukee, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. **This position is a hybrid position. On-site days will be required (M, T, W for Milwaukee; Thurs + one other day for NYC) Northwestern Mutual is looking for enthusiastic technologists who want to grow their career in...
-
Senior DevSecOps Engineer
6 days ago
MILWAUKEE, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. **This position is a hybrid position. On-site days will be required (M, T, W for Milwaukee; Thurs + one other day for NYC) Northwestern Mutual is looking for enthusiastic technologists who...
-
Senior DevSecOps Engineer
2 months ago
MILWAUKEE, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. **This position is a hybrid position. On-site days will be required (M, T, W for Milwaukee; Thurs + one other day for NYC) Northwestern Mutual is looking for enthusiastic technologists who...
-
Lead Cloud Security Solutions Engineer
2 weeks ago
Milwaukee, Wisconsin, United States Wiz Full timeJoin a pioneering company that is transforming cloud security and enabling businesses to excel in the digital landscape. As a rapidly expanding startup, Wiz is dedicated to assisting organizations in safeguarding their cloud environments, thereby enhancing their operational efficiency. With a strong reputation among security teams globally, we boast a...
-
Unarmed Security Specialist
1 week ago
Milwaukee, Wisconsin, United States Titan Security Services Inc Full timePosition Overview:Are you passionate about ensuring safety and providing assistance to others? Join Titan Security Services Inc, a rapidly expanding provider of security solutions in the Chicago and Milwaukee regions. We pride ourselves on being a close-knit team where every member is valued, while also having the capacity to secure prominent venues.We are...
-
Field Application Engineer
3 weeks ago
Milwaukee, United States Schneider Electric Full timeWhat will you do?Focus on the deployment of Electrical Power Monitoring Systems (EPMS) at data center facilitiesCustomer-facing position - the successful candidate must work well in a team environment and will interface directly with contractors and end-users dailyResponsibilities for this position include performing software installation, customization, and...
-
Senior Field Application Engineer
4 weeks ago
Milwaukee, United States Schneider Electric Full timeSenior Application Engineer Southern Wisconsin, Northern Illinois region This position will be home-based and requires daily travel to local customer sites within the geographical region. There is the potential for 30-40% travel outside the region, as needed. All expenses are covered and a company credit card is provided. This position might be eligible...
-
Lead Enterprise Security Engineer
6 days ago
Milwaukee, Wisconsin, United States Beacon Hill Full timeSenior Security Solutions ArchitectPosition Overview:The Senior Security Solutions Architect is tasked with the design, execution, and upkeep of our security framework. This role involves developing, assessing, and steering information security strategies across various business sectors, working in partnership with stakeholders and teams throughout the...
-
Cyber Security Controls Automation Engineer
2 months ago
Milwaukee, Wisconsin, United States Professional Diversity Network Full timeApex Systems, Inc.Job#: Job Description: Our great client has an immediate opening for a Cyber Security Application Controls Engineer. If you are interested please apply with resume to [email protected].Must haves - AWS, Public cloud, More about control automation. The principal engineer is needing someone reviewing cyber controls to make sure we are...
-
Security Automation Engineer III
2 weeks ago
MILWAUKEE, United States Northwestern Mutual Full timeAt Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. At Northwestern Mutual, we believe relationships are built on trust. That our lives and our work matter. These beliefs launched our company nearly 160 years ago. Today, they're just a few of the reasons...
-
Electronic Security Systems Design Engineer
4 weeks ago
Milwaukee, United States Diversified Full timeElectronic Security Systems Design Engineer Milwaukee, WI, USA ● Virtual Req #3703 Sunday, June 30, 2024 At Diversified, we don't just follow tech trends - we set them by leveraging the best...
-
Entry Level Applications Engineer
2 weeks ago
Milwaukee, United States East Coast Metrology Full timeJob DescriptionJob DescriptionDescription:East Coast Metrology is seeking recently graduated or imminently graduating engineers to inspect, measure, and reverse engineer products for a wide variety of industries, including nuclear, medical, aerospace, and automotive. ECM uses the latest technology, such as Laser Trackers and Portable CMM Arms, and software...