AppSec Jobs
← Back to all jobs

GuidePoint Security

Application Security Engineer

Remote
United StatesPosted 2 weeks agoWebsite
Apply on LinkedIn →

At a Glance

3+ years experiencePythonJavaJavaScript/TypeScriptCI/CDSAST

About This Role

Application Security Engineer - North Central region (Remote in the U.S.). GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Responsibilities

  • Run client SAST/DAST/SCA tools, review outputs and provide recommendations
  • Work with development teams to identify and remediate security vulnerabilities
  • Provide security guidance during the software development lifecycle (SDLC)
  • Identify, track, and prioritize security vulnerabilities
  • Validate fixes and conduct retesting
  • Implement and maintain application security tools and scanning solutions
  • Create reports for technical and non-technical stakeholders

Requirements

CI/CDBurp SuiteSASTDASTSCACheckmarxJavaScriptPythonJava
  • 2-3 years experience working in Application Security
  • Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. GitHub, etc.)
  • Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
  • Deep knowledge of manual testing tools such as Burp Suite Pro
  • Knowledge of and experience with SAST/DAST/SCA Application Security tools. Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred
  • Experience with the integration of tools into development pipelines
  • Understanding of a broad range of Application Security issues as well as their mitigation strategies
  • Understanding of Application Security related vulnerabilities
  • Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus
  • Written communication skills for written interactions with clients
  • Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information
  • Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice
  • Bachelor's degree in Computer Science or Information Security preferred
  • Standard industry certifications are preferred

Benefits & Perks

Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
12 corporate holidays and a Flexible Time Off (FTO) program
Healthy mobile phone and home internet allowance
Eligibility for retirement plan after 2 months at open enrollment
Pet Benefit Option

About GuidePoint Security

GuidePoint Security is a cybersecurity consulting company based in Herndon, Virginia, founded in 2011. The firm specializes in addressing complex cybersecurity challenges for enterprise and government organizations, serving over 4,200 customers, including more than 50% of U.S. Federal Government cabinet-level agencies and a significant portion of Fortune 50 and Fortune 500 companies.

Industry

information technology & services

Employees

1,100

175 engineers

Revenue

$195M

Website

Visit →

Security at GuidePoint Security

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

GuidePoint Security's AppSec mission is articulated as their 'AppSec engineering team can guide you through a holistic approach.' They position their AppSec service as 'Trusted application security as a service' and offer to 'Assess the state of your application security program' through their Secure SDLC offering.

Security Team

  • More than 50% of GuidePoint Security's workforce consists of tenured cybersecurity engineers, architects, and consultants.
  • The CISO is identified as 'responsible for all aspects of the company's information security program.'.

Key Initiatives

GuidePoint Security offers a 'Secure SDLC offering' designed to 'Assess the state of your application security program'.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.

Interested in this role?

Apply on LinkedIn