Application Security Integrations Engineer

IT & Security Yarmouth, Maine Bangor, Maine United States


Description

Tyler Technologies is seeking an Application Security Integrations Engineer to catalog, audit, and harden Tyler products for application security vulnerabilities.

The Application Security Integrations Engineer position involves managing application security integrations for Tyler products and systems, maintaining metrics of vulnerabilities, administering automation and configuration management tools. The Application Security Integrations Engineer will work to improve automated security testing practices and harden application environments in all development groups. The Application Security Integrations Engineer will have direct impact on the security posture of our company, ensuring that Tyler products are effectively protecting client data and systems from attackers.

 
Responsibilities

  • Execute project plans and maintain the scope, schedule, and each party’s responsibilities
  • Catalog and maintain a list of all Tyler products and which technologies each are utilizing
  • Assist with maintaining vulnerability tracking platform for all Tyler products
  • Test Tyler products for OWASP Top Ten vulnerabilities using automated testing
  • Consult divisions with implementing regular automated security testing as a part of their software development life cycle
  • Consult with divisions to harden applications and environments for Tyler application
  • Assist engineers and architects with general application security consulting for divisions and corporate
  • Assist team and Tyler resources to implement application security operations tools
  • Manage and maintain Application Security tools on corporate recourses 
  • Integrate security scanning in existing CI/CD pipelines 
  • Provide and execute projects to increase Tyler’s overall security posture
  • An escalation resource for Analysts & Engineers

Qualifications

  • Bachelor’s degree in information technology, computer science, information assurance or formal security training plus comparable experience.
  • IT certifications such as MCITP, CCNA, Network+, OWSA, CISSP, CSSLP, AWS Certified Security – Specialty 
  • IT experience with deployment of various development frameworks and system stacks
  • Proficient in Dynamic and Static application security scanning tools
  • Proficient in secure software development lifecycle process and procedure 
  • Experience with GitHub, Bitbucket and TFS development operations and tools
  • Experience with OWASP Top 10 and OpenSAMM frameworks
  • Experience with JIRA and Confluence
  • Experience with 3rd party application integration and automation
  • Advanced knowledge of cross-divisional Tyler software products
  • Excellent oral and written communication skills
  • Excellent analytical and problem-solving skills
  • An ability to work both independently and as a team is critical
  • Three to five years in DevOps or similar IT background
  • Must be passionate about security and continuing education outside of work

The ideal candidate will have advanced knowledge of:

    • Operating system, network, and application security vulnerabilities
    • OWASP Top Ten Vulnerabilities
    • Source code repository operations and management (GitHub, TFS, Bitbucket)
    • Security testing tools and frameworks (BurpSuite, Kali Linux, DAST & SAST scanners, Metasploit, nExpose, nmap, SOAPUI)
    • Scripting and Programming (PowerShell, Python, Bash, C#, Web Services, Ruby, JavaScript)
    • JIRA and Confluence operations & automation
    • Security information and event management (SIEM)