Application Security Associate

Description

Do you have a passion for Application Security? Are you interested in learning more about Infrastructure Security in addition to working on Application Security? If you answered yes, Zywave would love to speak with you! Zywave is looking for an Application Security Engineer to join our team! In this role, you will identify and provide solutions to product and application security gaps, while providing strategies, policies, standards, guidelines, and procedures. You will also be responsible for building upon automated tooling to perform and report on static and dynamic application security testing (SAST/DAST) as well as develop secure code training programs for developers and track/provide metrics on completion status to management.

Why Should You Apply?

As an Application Security Associate with Zywave, you will lead efforts with the development organization to proactively integrate vulnerability and threat modeling across multiple platforms enhancing and owning the Secure Software Delivery Lifecycle (SDLC). You will develop, test, document, troubleshoot and debug Zywave's web-based applications to meet the needs of our internal and external customers. You will be responsible for contributing, providing input, and continuously look for ways to improve all aspects of the product development lifecycle as well as participate in security technology evaluations. You will work with all team members to design, develop, test, deliver, and make Zywave's multi-tenant SaaS application best in class. It will be your responsibility to provide collaboration and recommendations for modifying and improving toolsets, processes, and production application security support as well as maintain an understanding of regulatory compliance (HIPAA, PCI-DSS) and various risk managements framework requirements (NIST CSF, SANS/CWE, OWASP).

Factors for Success

• Bachelor's degree in Information Technology or related field or proven record of security success
• 1+ years of experience in the Application Security or a developer looking to get into Security
• Ability to demonstrate solid development technical concepts
• Understanding of NIST, ISO, SOC 2
• Threat hunting capabilities using KQL or other tools
• Prior experience working in a software development organization
• Experience with open source and commercial application security management tools
• Strong knowledge of network and application exploitation, ethical hacking, penetration testing, computer forensics and tool development
• Understanding and ability to speak developer language (ie: Kubernetes, etc)
• Familiar with Terraform/Infrastructure as Code is a plus
• Experience with Azure/AWS/container security is a plus

Company Background

Why pick Zywave? Zywave is a cutting edge, fast growing SaaS company leading the digital revolution of the insurance industry at every stage of the client lifecycle. Headquartered in Milwaukee, WI with employees across the globe, Zywave is consistently voted by employees as a Top Workplace. Our employees enjoy a remote first, highly flexible work environment with endless opportunity for internal advancement.

#LI-MH1