Application Security Engineer.
What you'll be doing...The Product Security team within Verizon's Corporate Information Security (CIS) organization works to embed security seamlessly into the development lifecycle of technology systems and services. We are looking for a Security Engineer who can enable product teams to deliver secure-by-design applications and infrastructure, by providing cybersecurity expertise and guidance throughout the system development life-cycle.Responsibilities include:* Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components, and help product teams identify solutions that meet security requirements.* Provide subject matter expertise on secure design & coding practices, assist in building and rolling out related guidelines and standards, perform manual source code reviews for high risk components* Build secure code library (security code snippets, common libraries, cryptographic libraries)* Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines* Have significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, infrastructure (cloud and on-prem).* Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls* Assist in incident response by providing tier-3 engineering support to remediate critical security bugs in production environmentsWhat we're looking for...You'll need to have:* Bachelor's degree or four or more years of work experience.* Four or more years of relevant work experience.* Technical experience in application security.Even better if you have:* A degree in Computer Science, Computer Engineering or a related field.* Certifications: One or more of the following GIAC, CISSP, CSSLP, OSCP, CCSP...