Application Security Engineer

APPLICATION SECURITY ENGINEER RESUME EXAMPLEUpdated: July 26, 2024 - The Application Security Engineer plays a crucial role in ensuring the resilience and scalability of web applications, advising on secure design principles, and addressing security issues. Responsibilities include validating, tracking, and prioritizing security issues, developing internal security tools, and participating in security incident response. Additionally, they contribute to security compliance efforts, evaluate new security technologies, and promote a culture of security awareness across development teams.Tips for Application Security Engineer Skills and Responsibilities on a Resume2. Application Security Engineer, Uber, San Francisco, CAJob Summary:Ensure technical security controls are implementedParticipate in security reviews of varying scale and depthThreat modeling, design review, consultation, code review to improve the overall security of our applications.Work closely with developers to diagnose, document and remediate security vulnerabilities.Improve security posture of products through the explanation of facts, policies and practices.Championing security with the developers as part of BAU engagements.Work collaboratively with our key stakeholders, and also independently.Perform application threat analysis (both manually and automatically)Influence clients apps and architecture towards best security practicesGuide and implement DevSecOps tools (SAST, DAST, SCA, etc.) for clientsPerform security code reviews (manually) or to assist with identifying false findingsTake part in penetration testing activitiesKeep up-to-date knowledge for security market and potential threatsExamine output from security tools and software and report on findings.Skills on Resume:Technical Security Implementation (Hard Skills)Security Review Participation (Hard Skills)Vulnerability Remediation (Hard Skills)Security Posture Improvement (Soft Skills)Security Advocacy (Soft Skills)Threat Analysis (Hard Skills)DevSecOps Implementation (Hard Skills)3. Application Security Engineer, Dropbox, San Francisco, CAJob Summary:Partner with engineering and product teams in the design phase of product and featuresPerform threat modeling and security architecture and design reviews.Conduct ongoing network and application penetration testingTracking vulnerabilities and partnering with engineering and product to remediate vulnerabilities according to Mosaic policies.Lead security projects including the implementation and configuration of security tools and automation for ongoing testingDeliver security training to internal development teamsEvaluate data management, data quality and data access processes for gaps, inefficiencies and opportunitiesWork and remediate bugs with affected application and infrastructure teams.Advise and consult internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation.Mentor developers on evolving threats to their applications and help to ensure state-of-the-art secure development practices are being used.Perform code reviews of security-critical code.Research and analyze potential new threats, attack vectors and risks and identify mitigation efforts.Skills on Resume:Security Architecture and Design (Hard Skills)Penetration Testing (Hard Skills)Vulnerability Management (Hard Skills)Security Project Management (Hard Skills)Security Training Delivery (Soft Skills)Data Management and Access Control (Hard Skills)Incident Response and Bug Remediation (Soft Skills)Threat Intelligence and Research (Hard Skills)4. Application Security Engineer, Stripe, San Francisco, CAJob Summary:Conduct application security reviews for our services and applicationsPerform penetration testing for critical services and applicationsPerform security code reviews for critical changes during the development phaseDeliver security training and outreach to internal development teamsDevelop security best practices documentation for internal security applicationsDevelop automation to streamline common tasks, tests, workflows, etc.Training and mentoring DevOps and Developer teams on application security best practicesActively promote security culture and education within the organizationBuild tools to automate security checks across Adobe Products and IT workflows.Perform security testing for new and existing features across web, mobile and desktop products.Enumerate security risks and controls to mitigate them.Research new technologies and present security best practices to product teams.Guide teams on adoption and execution of a Secure Product Life Cycle.Skills on Resume:Application Security Review (Hard Skills)Penetration Testing (Hard Skills)Security Code Review (Hard Skills)Security Training and Outreach (Soft Skills)Documentation Development (Hard Skills)Application Development for Security (Hard Skills)Automation Development (Hard Skills)Mentoring and Training (Soft Skills)5. Application Security Engineer, McAfee, Santa Clara, CAJob Summary:Participate in building better, more robust, and automated processes for the Technology Services departmentOccasionally serve as Tier 2 support for security tools support and troubleshootingBecome a subject matter expert on company systems to enhance and mature the capabilities that the Information Security team has into the environmentFront line support for the Information Security intake processParticipate in providing best in class security recommendations in conjunction with Security Architecture and ratification of systems to comply with a security policy and/or standard/sRisk ranking information security risks and triaging tasks.Participate in Company's project life cycle business process for escalation to security architectureParticipate in Company's Security program vulnerability management programSecurity tool evaluation, recommendation, and maintenanceDevelop and optimize the security tools used throughout the platform infrastructure and contribute to the overall security strategy across the organization.Skills on Resume:Technical Proficiency (Hard Skills)Problem-solving Abilities (Soft Skills)Communication Skills (Soft Skills)Project Management Skills (Soft Skills)Security Compliance Knowledge (Hard Skills)Security Tool Evaluation and Optimization (Hard Skills)6. Application Security Engineer, Zoom Video Communications, San Jose, CAJob Summary:Help building robust and scalable web applicationsAdvise on the secure design of applications and services and participate in threat modelingValidate, track, and prioritize security issuesDesign and build internal security tools that help fix security problemsParticipate in security incident response and help improve our SIEM toolsProvide subject matter expertise on cloud security, application-level security controls, and safe programming practicesPromote security knowledge across development teams and inspire our security championsIdentify security issues and risks, and develop mitigation plans.Design, implement, support and evaluate security-focused tools and services including project leadership.Develop and interpret security policies and procedures.Participate in security compliance efforts.Develop and deliver recommended new and emergency security products and technologies.Skills on Resume:Web Application Development (Hard Skills)Security Advising and Threat Modeling (Hard Skills)Security Issue Management (Hard Skills)Security Incident Response (Hard Skills)Cloud Security Expertise (Hard Skills)Security Knowledge Promotion (Soft Skills)Risk Identification and Mitigation (Hard Skills)Security Policy Development and Compliance (Hard Skills)7. Application Security Engineer, VMware, Palo Alto, CAJob Summary:Architect, design and implement security controls for maintaining a secure ecosystem built in alignment with a zero-trust architectureStay current with solutions in the market, recommend improvements and solutions to existing postureAssist with the documentation and maintenance of designs for security systems and controlsAssist in incident response, breach analysis and tabletop exercisesWork closely with product development, platform, and IT teams on various architectural and design aspects of product and internal securityMaintain strong knowledge of ongoing security threats and recommended best practicesConduct security readiness assessments, application pen tests, and analysis of findingsCollaborate with compliance and technology teams to build actionable functional and technical requirementsBe responsible for the development of documentation (written and video) for AppSec products used within Trimble.Work with teams to identify and close gaps in application security applications and their products.Help to establish and communicate best practices involving implementation of technologies and AppSec solutions.Work with multiple diverse teams spread throughout the world, as such the candidate should be comfortable in a business meeting or virtual meeting setting.Skills on Resume:Security Architecture (Hard Skills)Market Awareness (Hard Skills)Documentation (Hard Skills)Incident Response (Hard Skills)Threat Awareness (Hard Skills)Penetration Testing (Hard Skills)Compliance Building (Hard Skills)8. Application Security Engineer, Slack Technologies, San Francisco, CAJob Summary:Work with the security team to ensure the security of in-house developed applications and COTS systemsPerform analysis, investigation, and remediation of applications and systems partnering with vendorsWork with the security team to ensure superior OS hardening and other security configuration best practices.Provide security assistance to the security and infrastructure team on projects and system architecture.Perform behavioral analysis and review of application logs, alerts, and other security information in order to detect potentially malicious events.Manage InfoSec development, testing and QA functions to ensure that projects are securely delivered and fulfill security requirementsEvaluate, test, and recommend new application and coding security techniques and strategiesEvaluate and recommend new and emerging security products and technologiesOversee the code vulnerability scans and applications patching process, to ensure that SLAs around time to remediation are being met.Review vendor or third-party security processes.Review and recommend Cloud and SaaS solutions from an API security perspectiveSkills on Resume:Application Security Analysis (Hard Skills)Vendor Partnership and Management (Soft Skills)Security Architecture Knowledge (Hard Skills)Behavioral Analysis and Log Review (Hard Skills)Secure Application Development Practices (Hard Skills)InfoSec Management and Quality Assurance (Soft Skills)Research and Evaluation of Security Technologies (Hard Skills)9. Application Security Engineer, Citrix Systems, Fort Lauderdale, FLJob Summary:Participating in security design discussions, providing technical engineering and operational guidance to developers and internal customersCompleting review and improvements for security standards, preferred implementation patterns, secure common frameworks, and developer documentation and education materialsProviding advice on recommended remediations and educating developers on how to build more secure softwareIdentifying emerging trends in the industry and establishing strategic guidance related to best practice approaches to address those trendsDefine and embed technical security policies, principles and standards.Use code analysis solutions to evolve the secure-by-design principle.Develop, maintain and automate security tools for secure SDLC, including ongoing developer trainingMaintaining good practice around code repos (like Git), identifying and remediating weaknesses in Open Source librariesLambda (server-less functions), leading and delivering key projectsProvide advice to development teams on all aspects of security within the development lifecycleProactively identify vulnerabilities, provide solutions and drive remediation (ideally through automation runbooks)Work closely with platform teams to build centralized security reporting dashboards that provide security assurance across our applicationsAutomate the identification and remediation of security issues across Cloud services and build smart real-time reporting dashboards.Skills on Resume:Security Design Expertise (Hard Skills)Security Standards Review and Improvement (Hard Skills)Remediation Advisory (Soft Skills)Industry Trends Awareness (Soft Skills)Policy Development (Hard Skills)Code Analysis (Hard Skills)Security Tool Development and Automation (Hard Skills)Vulnerability Identification and Remediation (Hard Skills)10. Application Security Engineer, Dell Technologies, Round Rock, TXJob Summary:Cultural alignment through listening and communication skills.Develop relationships across internal product, engineering and technical organizations.Stay up to date with the latest vulnerabilities, exploits, security trends and general changes in technology to provide guidance on how these affect the security of business.Threat modeling, architecture and design reviews on services and applications as required.Help other departments to build security into their workflow.Mentor and cross train other Security Engineers across the division.Evaluate and promote new and existing security standards, solutions and tools.Implement technical solutions in line with Coterie’s cybersecurity strategic plans.Analyze threats and vulnerabilities to determine security impactAssess the security of core platform infrastructureBuild technologies to detect and prevent security vulnerabilitiesHelp development teams build security into the Workday platform by performing threat modeling, architecture reviews and code reviewsImpact the product design by providing secure design patternsProvide recommendations for hardening applications and environmentsSkills on Resume:Communication and Listening Skills (Soft Skills)Relationship Building (Soft Skills)Knowledge of Security Trends (Hard Skills)Threat Modeling and Design Review (Hard Skills)Integration of Security into Workflow (Soft Skills)Mentoring and Cross-Training (Soft Skills)Evaluation and Promotion of Security Solutions (Hard Skills)Technical Implementation and Analysis (Hard Skills)11. Application Security Engineer, Atlassian, Mountain View, CAJob Summary:Facilitate efforts in Engineering Teams to perform and maintain threat models and provide coaching and guidance to EngineersUse knowledge of common risk of risks and vulnerabilities to guide Engineering teams in building productsUse and maintain security tooling and processes, such as DAST / SAST tools and vulnerability reportingDeploy and automate AWS security features such as, IAM rules, AWS Config, roles etc.Confirm vulnerabilities in reports such as responsible disclosuresPromote and champion a culture of Application Security among teamsFacilitate and participate in incident response effortsRecord and communicate vulnerability findings and keep records up to dateWork with application development teams across Zwift to provide guidance on best practices for secure application development across a variety of languages and frameworks.Collaborate with application development teams to improve security test coverage and functional security testing.Triage incoming bug reports both from the information security team and the security research community.Skills on Resume:Threat Modeling (Hard Skills)Security Tooling (Hard Skills)AWS Security (Hard Skills)Vulnerability Management (Hard Skills)Promotion of Application Security Culture (Soft Skills)Incident Response (Hard Skills)Communication and Collaboration (Soft Skills)12. Application Security Engineer, DocuSign, San Francisco, CAJob Summary:Partner with software engineers, DBAs and QA engineers to ensure adequate security processes and tools are in place throughoutMitigate identified risks to an acceptable level, and to meet business objectives and regulatory requirementsBased on your own strong software development background with prominent web development languages and frameworksProvide security advice to development and testing teamsProvide expert-level guidance to business analysts, testers, and development teams during internal and external application security assessmentsMust be able to identify, re-create, and remediate security defectsProvide training for development and QA teams on how to implement security into their existing practicesHelp to develop a security mind amongst the engineering teamsImplement and execute an application-level threat modeling program for the enterprisePrioritize and track security issues and work with the necessary teams to ensure remediationServe as a leader by promoting security awareness, mentoring other team membersSkills on Resume:Proficiency in Software Development (Hard Skills)Application Security Knowledge (Hard Skills)Collaboration and Communication (Soft Skills)Security Assessment and Remediation (Hard Skills) #J-18808-Ljbffr

Created: 2025-09-17