Junior Application Security Engineer

Wilmington, DE

Monday to Friday, 9am-6pm EST or 10am-7pm EST

Hybrid (onsite one day/week)

The Junior Application Security engineer will be responsible for the following:
• Providing expertise in the Application Security areas of Web Application Security Services, API Security and Application Security Testing.
• Developing policies to protect web application and API's from malicious payload attacks, provide virtual patching capabilities and validation with Security Testing.
• Assisting in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.

What You Will Bring:
• Knowledge in building the F5 WAF, API Security, BOT protection, DOS/DDOS protection policies and extending them to hybrid cloud environment -AWS and Azure environment.
• Familiarity with DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA
• Knowledge of Cloud & Kubernetes Resource Security, Secure Network and Architecture, SDLC standard and policies.
• Familiarity with Web App Protection AWS and Azure App Protection Policy, Configuration, and Security Management tools
• Expertise in Programming languages Python, NodeJS, SQL query and Vulnerable Code remediation.
• Stay up to date with the latest application security threats and trends.

Required:
• Proficiency in designing, implementing, and maintaining effective security policies for web applications using WAF technologies.
• Experience coordinating and performing vulnerability assessments using automated and manual tools.
• Ability to review and analyse WAF logs to detect and respond to security incidents promptly.
• Ability to review and analyse vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
• Strong experience with BI Design and Development.
• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc.).
• Familiarity with common security libraries, security controls, and common security flaws.

Other Application Security Engineer Role requirement for CSC:
• Manage security integration into the SDLC process at CSC.
• Help evolve CSC's application security functions and services.
• Responsible for Security bug intake and remediation process for CSC.
• Identify security exposures and develop mitigation plans.
• Identify, report and fix technical debt.
• Assist Senior Application Security on all application security activities.
• Become a representative for the CSC Information Security program.
• Be productive and participate in security initiatives with minimal supervision.
• Use the tools and technologies used throughout CSC InfoSec.
• Troubleshoot issues and performance bottlenecks.
• Follow Security best practices
• Strong foundation in core information security principles and goals.
• Proven expertise in enterprise security solutions.
• Knowledge of common and emerging security threats.
• In-depth knowledge of security best practices.
• Exceptional analytical aptitude and attention to detail.
• Excellent communication skills.
• Ability to explain complex security topics in simple language.
• Fast learner / a strong willingness to learn.
• Good team player who is self-motivated and well organized.
• Security Certifications are a plus.

#LI - CS1

At CSC, we're always looking ahead, finding ways to improve and anticipate the future needs of our customers. Curiosity fuels our innovation and productivity drives our results. This proactive mindset has helped us adapt and create solutions that have enabled businesses to run smoother and smarter for more than 120 years.

CSC is committed to attracting, developing, and retaining talented people whose personal values align with ours. We empower our employees to bring the right solutions to market to meet customer demand. That is why we are the premier provider of global solutions for more than 180,000 businesses.
• CSC is a great place to work with smart and dedicated people. We have been voted a Top Workplace every year since 2006 and are a 2022 National Top Workplace.
• We offer challenging work and career opportunities. Most positions are filled with internal moves and employee referrals.
• Employees are eligible for an annual success sharing bonus or commission plans based on role and individual performance.
• CSC offers excellent benefits, including medical, dental, life insurance, and flexible spending and health savings accounts. We also offer you a 401(k) with employer match and profit-sharing, paid time off, tuition reimbursement, and more.
• Our global standard for our work environments supports current and future technology initiatives through open design, sit-stand workstations, and digital interface points with wireless access throughout the campus. It's an exciting time for us in terms of growth and expansion.

CSC is a global business, legal, and financial services company based in Wilmington, Delaware, USA, providing knowledge-based solutions to clients worldwide. We have offices and capabilities in over 140 jurisdictions in the Americas, Europe, Asia Pacific, and the Middle East, and more than 8,000 colleagues. We are the business behind business.

Visit our careers site to learn more about CSC and our commitment to our clients, communities, and each other.

CSC is committed to creating a feeling of belonging through a diverse and growth-oriented environment where everyone is valued.

CSC colleagues have global career opportunities and excellent benefits, including annual success-sharing bonuses or commission plans based on individual performance. To learn more, visit cscglobal.com/service/careers.

We offer a range of support to colleagues with disabilities, ensuring people have the necessary resources to thrive in their roles. We encourage candidates to work closely with our talent acquisition partners to convey their specific needs. Our commitment to accessibility reflects our broader dedication to diversity and belonging,

CSC only accepts resumes from employment agencies that are part of our approved supplier program. Resumes submitted from other agencies either to talent acquisition, our hiring leaders, employees, or through any other mechanism other than our supplier process, will not be eligible to claim related fees and the submitted resumes will be considered property of CSC.

We encourage candidates to apply directly to our website and not through third-party sources.

Disclaimer: The information above describes the general nature and level of work performed by employees in this role. It is not intended to describe all duties, responsibilities, and qualifications.