Application Security Engineer (Remote)

DescriptionGuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Security Engineers at GuidePoint Security are experienced professionals who are autonomous, experienced, self-driven security fanatics. Our Security Engineers are materially involved in the complete security technologies opportunity lifecycle, from pre-sales through delivery and have the freedom and control over how engagements are scoped and delivered. Our unique position as both a Value-Added Reseller (VAR) AND a professional services organization also requires our Security Engineers to continually expand their knowledge and experience with the latest cutting-edge information security technologies. This helps satisfy our Security Engineers desire to constantly expand their knowledge and better meet the needs of our clients. This position requires a strong knowledge of application security solutions, with a focus on Static Assessment tools such as Checkmarx to support client service and assessment activities alike.

• Proficiency with architecture, design, implementation, operationalization, and troubleshooting Checkmarx CxSAST, CxAudit, and CxOSA.
• Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azuer Dev Ops, Jenkins, Bamboo, etc.)
• Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools
• Information Systems architecture, security control design and development experience
• Excellent written and verbal communication skills
• Largely remote, but up to 30% out-of-town travel may be required to client locations
• Security Engineers work from home when not visiting client locations

• Experience with additional web application scanning tools (e.g. Static / Dynamic, Interactive, etc.) including Qualys WAS, Appspider, Acutenitx, Veracode, Burp Suite, Netsparker, and similar.
• Past development expertise or operational or consultative experience supporting application security teams.

• Bachelor's degree in a relevant discipline or equivalent experience
• 3-5 years of security engineering experience in the Information Security industry

• MacBook Air or Pro
• Healthy mobile phone and home internet allowance
• 100% employer-paid medical and dental with generous employer family contributions
• Eligibility for retirement plan after 2 months at open enrollment