(Enter skills, job title, etc.)

Application Security Engineer

Job Title:

Application Security Engineer


Boston, MA


Information Technology


6-12+ months

Job Description:

The Application Security Engineer member will be part of the Enterprise and Controls team within the CTO organization.  The Application Security Engineer will provide application architecture security guidance to the application development teams with the best practices of secure coding, tools and technologies for development of high performance distributed applications and services.  This position is also responsible for research, evaluation, and recommendation of new technologies and tools/products to determine feasibility and desirability of incorporating them within the Systems strategy and roadmaps; presenting and socializing findings at all levels of the firm,. The Application Security Engineer will supportsystems and business teams by providing guidance for analysis and design, being a subject matter expert in multiple technology verticals,; performance, scalability and benchmarking.  Also, he or she will mentor application developers and other junior team members.

Job Requirements:

Education level and/or relevant experience(s)

-        BS/BA degree in Engineering and/or Computer Science or related work experience required, Masters Preferred.

-        Minimum of 5+ years of technical experience in the architecture, design and development of mission critical applications utilizing a wide range of technologies and vendor platforms to service the business needs


Knowledge and skills (general and technical)

-        3+ years of application information Security Experience

-        Strong knowledge of architectural principles, frameworks, design patterns and industry best practices for design and development.

-        5+ years of experience in functional and object oriented design and development utilizing Java/.Net and/or C/C++.5+ years of experience with UNIX and Windows operating systems.

-        5+ years of experience in at least one JEE Application Server, WebSphere and/or JBOSS experience is preferred.

-        5+ years’ experience in JEE technologies and frameworks that can include the following:Spring, JSF2, Hibernate, Websphere Application Server (WAS), JMS/Websphere MQ, Oracle AQ, Oracle 11g and support integration with other applications via APIs(SOAP/REST), messaging, database access and in memory Data Grid and Big Data.

-        5+ years’ experience as a JEE Architect with exposure to various JEE standards/APIs, certification is highly desired.

-        5+ years of experience in performance tuning and designing highly scalable and resilient distributed applications/solutions.

-        Experience in SOA, BPM, Rules Engines, SOAP, REST WSDL, XML

-        Cloud and API standards with strong understanding of Java/JEE and SCA design patterns, packaging, and deployment is required.

-       High level of familiarity with security assessment tools and techniques

-        Must be able to explain vulnerabilities and weaknesses related OWASP Top 10 and discuss effective defensive techniques

-        Up to date on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities

-        Excellent communication and presentation skills with ability to communicate at all levels of the organization.

-        Technical leadership and mentoring skills to guide and act as SME.

-        Ability to conduct code reviews and work with build and automation tools.

-        Ability to research and present results and recommendations.

-        Exceptional problem solving skills

-        Very strong interpersonal skills and ability to establish  strong cross-organizational partnerships

-        Demonstrably strong  team skills with ability to listen and build consensus and collaborate with business, IT and security groups

-        Strategic thinker with experience identifying, reviewing and solving enterprise level security problems to support and enable business priorities.

Tip of the Week

Make sure your LinkedIn profile is identical or similar to your resume. Consistency is key!


View Starpoint's Top Tips.

Send Us Your Resume

Let Starpoint's expert recruiters help you land your next job.


Submit Your Resume