
Application Security Specialist :- Irving, TX/ Iselin, NJ/ Charlotte, NC - Hybrid Role – Need Local

Hello Folks,

 

Hope you are doing great!

 

This is Himank Jani from ApTask.

 

We have urgent requirements with one of our clients. Please review the job description below and let me know if you have any relevant candidates on your bench. Kindly share.

 

Kindly share work authorization status and DL location of the candidate.

 

Job Title: Application Security Specialist

Location: Irving, TX/ Iselin, NJ/ Charlotte, NC - Hybrid Role – Need Local

 

Job Description: Look for someone who has Application Security experience, has worked closely with software developers, conducted threat modeling and secure coding activities, integrated security tools into CI/CD pipelines, and ideally built or led a Security Champions Program or Community of Practice. Leadership, enablement, training, and influencing engineering teams are more important than deep penetration testing or network security experience.

 

Here are some key points that can help you spot a good candidate for this role:

 

Must-Have Experience Areas

You can confirm the candidate has experience in at least 4–5 of these areas:

| Area | Required |
|---|---|
| Application Security | Yes |
| Threat Modeling | Yes |
| Secure Coding | Yes |
| Developer Coaching | Yes |
| Security Testing Tools | Yes |
| CI/CD Security | Yes |
| Security Governance | Preferred |
| Security Champion Program | Strongly Preferred |
| Compliance Reporting | Preferred |
| Metrics & Dashboards | Preferred |

 

 

1. Must-Have Resume Keywords

A strong resume should contain several of these terms:

Application Security

  • Application Security (AppSec)
  • Secure SDLC (SSDLC)
  • Secure Development Lifecycle
  • DevSecOps
  • Secure Design
  • Secure Coding
  • Security Architecture
  • Security Review

Threat Modeling & Developer Coaching

  • Threat Modeling
  • STRIDE
  • Security Champions
  • Developer Enablement
  • Security Training
  • Secure Coding Training
  • Security Awareness
  • Coaching Developers
  • Security Workshops

CI/CD & Automation

  • CI/CD Security
  • DevSecOps
  • Security Gates
  • Pipeline Security
  • Compliance Automation
  • Security Controls
  • Continuous Security Testing

Security Testing Tools

  • SAST
  • DAST
  • SCA
  • Static Analysis
  • Dynamic Testing
  • Software Composition Analysis
  • Vulnerability Management

Governance & Metrics

  • Security Metrics
  • KPIs
  • Dashboards
  • Compliance Reporting
  • Risk Management
  • Risk Register
  • Governance
  • Security Controls

Collaboration

  • Cross-Functional Leadership
  • Stakeholder Management
  • Program Management
  • Change Management
  • Community of Practice (CoP)
  • Security Champion Program

________________________________________

2. Tools That Should Appear on Resume

Look for at least some of these:

SAST

•             Checkmarx

•             Veracode

•             Fortify

•             SonarQube

•             Coverity

DAST

•             Burp Suite

•             AppScan

•             WebInspect

SCA

•             Black Duck

•             Snyk

•             Mend (WhiteSource)

CI/CD

•             Jenkins

•             GitHub Actions

•             GitLab CI/CD

•             Azure DevOps

Dashboards

•             Power BI

•             Grafana

•             Splunk

Collaboration

•             ServiceNow

•             Confluence

•             Jira

•             Microsoft Teams

________________________________________

3. High-Value Phrases

These are the phrases that should immediately catch your attention:

•             "Built Security Champion Program"

•             "Led Application Security Community of Practice"

•             "Coached development teams on secure coding"

•             "Conducted threat modeling sessions"

•             "Integrated security controls into CI/CD pipelines"

•             "Established AppSec KPIs and dashboards"

•             "Drove security adoption across engineering teams"

•             "Partnered with application owners to remediate vulnerabilities"

•             "Performed secure code reviews"

•             "Developed AppSec training curriculum"

•             "Enabled security adoption across multiple business units"

•             "Acted as liaison between development and security teams"

________________________________________


5. Red Flags (Reject or Lower Priority)

Pure Infrastructure Security

Resume focused mainly on:

  • Firewalls
  • Network Security
  • VPN
  • IDS/IPS
  • SOC Operations

Not a fit.

Pure Vulnerability Management

Only:

  • Nessus scans
  • Patch management
  • Server vulnerability remediation

Not enough AppSec depth.

Pure Penetration Tester

Only:

  • Ethical hacking
  • Red teaming
  • Bug bounty

May lack program leadership and developer enablement.

Pure DevOps Engineer

Only:

  • Kubernetes
  • Terraform
  • AWS deployment

Need AppSec ownership and security leadership.


6. Certifications to Prioritize

Strong:

  • CSSLP
  • CISSP
  • CRISC

Good:

  • GWAPT
  • GWEB
  • CASE
  • Security+

Nice to Have:

  • Scrum Master
  • SAFe
  • PMP

 

 

 

Best Regards,

Himank Deepak Jani

 

ApTask | A global, diversity-certified workforce solutions provider.

Address: 120 Wood Ave South, Suite # 300, Iselin, NJ 08830

 


 

 
