Applications Security Engineer III

Are you known for your attention to detail, are highly organized, and pride yourself on technical acumen? This could be the perfect opportunity for you! As an Applications Security Engineer III, you will be using your skills and expertise to design, test, and implement our secure operating systems, networks, security monitoring, and tuning. You'll be responsible for the management of our IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions, conducting risk and vulnerability assessments, and developing and implementing security controls. You'll research, evaluate, and recommend new security tools, techniques, and technologies in alignment with our IT security strategy and introduce them to the enterprise.

Key Responsibilities:

• Lead the implementation of security measures within the CI/CD pipeline.
• Utilize tools like Veracode, Snyk, Burp Suite, ZAP, and Metasploit to manage vulnerabilities.
• Conduct regular penetration testing and apply SAST, IAST, and DAST for security assessments.
• Mentor and guide other DevSecOps Engineers and development teams.
• Manage SSL/TLS certificates and enforce security policies.
• Stay updated on security threats and trends to enhance the organization's security posture.
• Lead program design, coding, testing, debugging, and documentation efforts.
• Provide technical leadership and mentor junior team members.
• Collaborate with cross-functional teams to meet business requirements.

Qualifications You Must Have:

• Bachelor's degree in Cybersecurity, Network Engineering, Information Technology, or related Engineering discipline and typically 6 or more years of relevant experience
• Experience supporting, troubleshooting, and administering a variety of networks, OSs, and applications
• Advanced knowledge of data security administration principles, methods, and techniques
• Strong knowledge and experience administering a variety of current Microsoft platforms
• In-depth understanding of domain structures, user authentication, and digital signatures

Qualifications We Prefer:

• Advanced knowledge of security tools and secure coding practices.
• Advanced knowledge of tools like Veracode, Snyk, Burpsuite, ZAP, Metasploit.
• Proficiency in Java, .Net, Python, and API architecture.
• Experience with SAST, IAST, DAST, penetration testing, and vulnerability assessments.
• Expertise in AWS and Azure security, containerization (Kubernetes, EKS), and cloud-based hosting.
• Strong understanding of disaster recovery, SSL/TLS management, and security best practices.
• Ability to work under shifting priorities and meet deadlines.
• Experience with Agile/Scrum methodologies and a strong grasp of the SDLC.
• Exposure to Splunk is a plus.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.

To conform to U.S. Government international trade regulations, applicant must be a U.S. Citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State or U.S. Department of Commerce.

SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We're known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation's most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!

SNC is an Equal Opportunity Employer committed to an environment free of discrimination. Employment decisions are made based on merit without regard to race, color, age, religion, sex, national origin, disability, status as a protected veteran or other characteristics protected by law.