Application Security Specialist Job Description
Application security specialist
provides leadership for information security compliance initiatives -- Payment Card Industry (PCI), COBIT, NIST Cyber framework, etc.
Application Security Specialist Duties & Responsibilities
To write an effective application security specialist job description, begin by listing detailed duties, responsibilities and expectations. We have included application security specialist job description templates that you can modify and use.
Sample responsibilities for this position include:
Train clients on application security and remediation of application security code defects
Provide application security architecture guidance that is built on principles of balancing security advice with business and IT needs to position the security program as a business enabler
Create and operate information application security services for mergers, acquisitions, and divestitures
Ability to configure, implement, and maintain security testing tools the configuration of data sources for metric reporting/tracking
Ability to keep up to date on the latest security regulations, advisories, alerts and vulnerabilities
Support a variety of application tools and Windows/Linux systems
Daily support and troubleshooting of all tools
Apply patches & perform upgrades to applications and application servers
Ability to review application logs and determine root cause analysis for all errors
Monitoring health of systems and make adjustments as needed
Application Security Specialist Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Application Security Specialist
List any licenses or certifications required by the position: CISSP, CEH, CSSLP, PKI, TLS/SSL, GXPN, GPEN, GWAPT, OSCP, AJAX
Education for Application Security Specialist
Typically a job would require a certain level of education.
Employers hiring for the application security specialist job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Systems, Technical, Information Technology, Education, Information Security, Engineering, Technology, Computer Engineering, Financial Services
Skills for Application Security Specialist
Desired skills for application security specialist include:
Application security
Build processes
Compilers
Executable file formats and OS/VM execution environments
Middleware platforms
Highly regulated industry
ISF and COBIT
ISO
Information security governance processes and practices
NIST
Desired experience for application security specialist includes:
Ability to quickly develop subject matter expertise and working knowledge of business processes
A security based professional qualification desirable
Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline
MUST have deep understanding of OWASP Top 10 and CWE 25
Maintain a wide breadth of mobile development and security skills to a significant degree of depth
Have a superior ability to articulate technical concepts to non-technical business owners and management
Application Security Specialist Examples
1
Application Security Specialist Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of application security specialist. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for application security specialist
- Creating RFP for selecting a service provide for application security
- Analyzing application security products from various vendors
- Additional responsibilities will include hardware/software lifecycle management, problem determination and resolution, software configuration and new report generation
- Update/maintain all necessary documentation
- Timely communication with management and personnel regarding Support Request statuses
- Participate in tool selection discussions and perform POCs
- Responsibility over PeopleSoft security solution design, development, deployment/cutover, and implementation - covering all security aspects of the PeopleSoft implementation lifecycle
- Assess PeopleSoft security requirements and provide recommendations for the program
- Work with project work streams to design, implement and maintain security structures for the IPPS-A PeopleSoft application
- Routinely audit security in all PeopleSoft environments, ensuring that all users are appropriately provisioned for their work function
Qualifications for application security specialist
- Have CISSP (Certified Information Systems Security Professional) certification or working toward CISSP certification
- Permanent right to work in US
- Experience with DoD or Federal compliance testing methodologies
- Experience with reviewing, understanding and assessing DoD Cybersecurity requirements related to software security
- Basic familiarity with various Operating system, Database, Application Servers and common threat mitigation technologies
- Have intermediate software development experience in object oriented programming languages
2
Application Security Specialist Job Description
Job Description Example
Our company is looking to fill the role of application security specialist. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for application security specialist
- Analyze and resolve security and access problems in the IPPS-A PeopleSoft environments
- Write and maintain documentation related to security design, implementation and practices
- Perform Threat Modeling, identify application threats/vulnerabilities and recommend mitigation strategies
- Assist teams in mitigation of vulnerability and static//dynamic scan results (from tools such as Nessus, Fortify, WhiteHat, Coverity)
- Assist teams implementing automated DevOps/DevSecOps tools for secure Continous Integration / Continues Deployment (CI/CD)
- Advise clients on scanning customer source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities
- Provide insight on industry standard static code analysis products, such as HP Fortify and IBM AppScan Source and Enterprise, onsite for customers
- Finance & Reliability
- Resolve tier II user security issues by working with SAP, related applications, SDM, and other Identity Management tools
- Update system data to support role and user administration processes
Qualifications for application security specialist
- Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand
- 2 years’ experience with Linux AND/OR Windows OS
- 7-9 years years of overall technical experience in system design, project development and production support of large applications/systems
- Knowledge of PeopleSoft Security Administration in a PeopleSoft 9.1 or above environment to include People Tools, Role grant functions, Workflow, PeopleSoft Security configurations, Query Security, User Preferences, Row Level Security, Component Security
- Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle )
- Experience deploying static/dynamic analysis tools (Nessus, Fortify, WhiteHat, Coverity)
3
Application Security Specialist Job Description
Job Description Example
Our company is searching for experienced candidates for the position of application security specialist. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for application security specialist
- Assist teammates in support of internal and cross-functional projects
- Implement security solutions given instructions and business requirements
- Lock and unlock users in support of business and IT projects
- Build functional specifications and work with SAP development to build read-only functionality
- Validate and test functionality introduced by custom development, support packs, or upgrades
- Participate in the team’s on-call support rotation
- Assist with internal and external audits, user reviews, and other compliance activities
- Identify and implement improvements to processes and procedures
- Follow defined processes and procedures for each of the above responsibilities
- Evaluate security application standards and patterns which drive key information security processes
Qualifications for application security specialist
- To suit this position you have excellent interpersonal and team working skills
- Experience implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation)
- Experience with Amazon Web Services (AWS) and Microsoft Azure security a definite plus
- Engineering / software development background with a “relentless automation” and devops mindset a definite plus
- 8+ years IT leadership experience in information security and privacy
- CISSP certification is highly desired
4
Application Security Specialist Job Description
Job Description Example
Our growing company is looking for an application security specialist. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for application security specialist
- Develop and implement continuous service improvements to Application Security Management program
- Delivers next generation application security controls, socializing with application teams to ensure strong adoption and solves technical barriers with tools and processes
- Provide secure code programming guidance that is built on industry and academic best practices
- Update library of information security documentation with application standards, work instructions and training materials
- Develop communication plans for the enterprise security application function by partnering with business and enterprise architects
- Creates Powershell and Python scripts to automate task for the larger Global Information Security Team
- Analyzing RFP results and presenting to stakeholders
- Coordinate vendor product demonstrations and presentations
- Conducting pilot or POC with selected vendors for threat modelling, architecture reviews, code scanning and penetration testing
- Collaborating with cross functional teams and getting their buy in
Qualifications for application security specialist
- Secure software development lifecycle experience and adherence to industry benchmarks (OWASP top 10, SANS top 25, MS SDL)
- Experience in implementing dynamic and secure web services
- Understanding of multiple development processes and practices such as Agile/Scrum
- A bachelor's or master's degree in computer science, information security or other related field
- BS/BA degree or an equivalent combination of education and experience required
- Strong knowledge of RSA Archer GRC a plus
5
Application Security Specialist Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of application security specialist. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for application security specialist
- Ability to manually validate scan results to remove false positives, redundant, or duplicate data to test for additional classes of vulnerabilities scanners can’t report is a plus
- Meet with application, engineering, server and network teams to discuss vulnerability remediation
- Respond to telephone, ticket and e-mail requests in a professional, efficient and customer-centric manner
- Perform various programming and technical project / administrative related activities on the security applications
- Ensure report requests and account creations receive required approvals and documentation prior to creation
- Mentoring or guiding PSAS I coworkers
- Define an annual plan for end to end systems review and oversight its execution
- Develop, embed and oversee secure development lifecycle practices globally
- Develop and maintain the secure coding and testing standards an guidelines
- Undertake application end to end security risk reviews of business critical applications and infrastructure
Qualifications for application security specialist
- Must have experience with Penetration Testing
- Communication / Reporting (Reporting done via standardized language but may need to be customized)
- Technical Communication - Communicate Web Application vulnerabilities to project teams and development teams
- Dynamic Analysis
- Perform threat modelling, security testing (manual, automated), source code review (manual, automated), and penetration testing to assist in development projects for applications, new and old
- We are looking for a self-motivated, person, who is flexible and will be adaptive to a very busy work environment