Experience Inc. Jobs

Robert Half Security Engineer - Application Security in San Ramon, California

Robert Half is seeking a Security Engineer III - Application Security as part of our top-tier team, to help our developers and engineers build secure-by-design solutions. You will lead the effort to ensure that applications have security built-in before they are released by consulting on their architecture. Your job will be focused on building libraries and components that meet the needs of the various technology organizations at Robert Half. You will develop and integrate tools into teams’ SDLC processes to perform automated scanning of application code. You will perform security assessments and code reviews.

This role is highly collaborative and involves learning significant information about teams’ use cases, application architecture, and infrastructure. The role blends both application security and development, and you should be comfortable developing, building, and deploying code in various programming languages. You should also have experience with Application Security Testing (AST) programs such as SonarQube, Snyk, and/or Semgrep.

As a Security Engineer - Application Security, your specific responsibilities will include:

  • Build and deploy application security assessment tools to identify deficiencies and suggest more secure coding techniques.

  • Develop core components to support common application security needs such as session management, logging/alerting, and secure configuration.

  • Become an expert in the business logic of various teams’ applications and make recommendations specific to their use case and their needs.

  • Collaborate with teams that manage existing DevOps pipelines to focus on integrating tools that will enable secure applications.

  • Analyze application code and clearly articulate recommended fixes to address deficiencies.

  • Help the organization respond to security incidents in software components by building and deploying new versions of code as necessary, as well as contribute to Incident Response (IR) efforts during incidents related to Application Security.

  • Collaborate with development teams to carry out Application Security Reviews and conduct manual testing where appropriate.

  • Provide expert advice and consultancy to internal customers on risk assessment, threat modeling and fixing vulnerabilities.

  • Assess and update internal project engagement methodology and process to better align with a Secure SDLC.

  • Provide timely and relevant metrics on security matters to develop security risk analysis scenarios and response procedures.

  • Provide subject matter expertise in hardware, software and application security principles.

  • Evaluate vendors, products, and procedures for technical risks.

Job qualifications:

  • Bachelor's degree in related field or equivalent experience.

  • Deep comfort with software development, and experience working on a software development team.

  • A demonstrated history of building production applications with modern platforms/languages in the cloud (AWS and Azure preferred).

  • Experience interpreting and remediating security tooling results (SAST, SCA, and DAST preferred).

  • 6+ years’ IT security engineering experience or a non-technical degree with 7+ years’ security engineering experience.

  • A strong development background, including experience in multiple languages, familiarity with different system architecture models (e.g. microservice vs. monolith), and experience working with teams to gather requirements and develop software.

  • Professional experience in security analysis, development, engineering, and support, including experience working with software development teams and making architectural decisions for software components.

  • Security-focused certifications a plus (CISSP, CISA, CCSP, CEH, AWS, etc.).

  • In-depth experience with security frameworks, such as NIST 800-53.

  • Experience with securing cloud-based technology deployments and service offerings, to include SaaS, IaaS, PaaS.

  • Experience with evaluating application code and ensuring secure coding practices.

  • Solid expertise with multiple programming languages, to include: Python, PowerShell, Java, JavaScript, .NET, C#/C++, etc.

  • Familiarity with CI/CD tooling such as Jenkins, GitLab Runners, GitHub Actions, Travis, etc.

  • Ability to communicate in-depth business processes to technical resources.

  • Working knowledge and direct experience managing complex security issues.

  • Ability to gather, combine and document requirements effectively to propose secure solutions.

  • Ability to create thorough and complex documentation, facilitate and conduct meetings, gather information and present status.

  • Ability to think independently and in a team setting to ensure security issues are addressed in a manner consistent with security principles.

  • Possess a security mindset and help instill it in other team members. Assess challenges within the concept of overall organizational risk.

The typical annual salary range for this position is shown below and is negotiable depending upon experience and location. The position is eligible for a discretionary annual bonus.

$106,000.00 - $163,000.00

We offer exceptional earning potential and a competitive benefits package, including group health insurance benefits (medical, vision, dental), FSA and HSA healthcare accounts, life and accident insurance, adoption and fertility assistance, paid parental leave of up to 6 weeks, and short/long term disability. Robert Half provides paid time off for vacation, personal needs, and sick time. The amount of Choice Time Off (CTO) our people receive varies based on their years of service and is pro-rated based on the hours worked per week. A new hire earns up to 17 days of CTO per calendar year. Our people also receive up to 11 paid holidays per calendar year. We also offer the opportunity to contribute to our company 401(k) savings and investment plan or deferred compensation plan (if eligible), with an employer match of 100% on the first 3% of your contributions for eligible employees. Learn more at roberthalfbenefits.com/Resources.

Robert Half Inc. is an Equal Opportunity Employer. M/F/Disability/Veteran

As part of Robert Half’s Corporate Services facility employment process, any offer of employment is contingent upon successful completion of a background check.

Robert Half is committed to being an equal employment employer offering opportunities to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us by sending an email to HRSolutions@roberthalf.com or call 1.855.744.6947 for assistance.

In your email please include the following:

  • The specific accommodation requested to complete the employment application.

  • The location(s) (city, state) to which you would like to apply.

For positions located in San Francisco, CA: Robert Half will consider qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

For positions located in Los Angeles County, CA: Robert Half will consider for employment qualified applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
