Application Security Engineer

IT & Security Yarmouth, Maine Bangor, Maine United States


Description

Tyler Technologies is seeking an Application Security Engineer to catalog, audit, and test Tyler products for application security vulnerabilities.

The Application Security Engineer position involves conducting application security assessments and pentests against Tyler products and systems, managing vulnerabilities, and collaborating with development groups to triage and remediate. The Application Security Engineer will work to improve automated and manual security testing practices in development groups and will have direct impact on the security posture of our company, ensuring that Tyler products are effectively protecting client data and systems from threat actors.


Responsibilities

  • Execute project plans and maintain the scope, schedule, and each party’s responsibilities.
  • Maintain a vulnerability tracking platform for all Tyler products.
  • Test all Tyler products for OWASP Top Ten vulnerabilities using both automated and manual testing.
  • Consult for development groups and recommend mitigation techniques for known and upcoming application and system vulnerabilities.
  • Assist divisions with implementing regular automated and manual testing as a part of their software development life-cycle.
  • Investigate enterprise security incidents and provide analysis to senior leadership.
  • Provide and execute projects to increase Tyler's overall security posture.

Qualifications

  • Bachelor’s degree in information technology, computer science, information assurance, or formal security training plus comparable experience.
  • IT certifications such as MCITP, CCNA, Network+, OSWA, OSCP, CISSP, CSSLP.
  • IT experience with deployment of various development frameworks and system stacks.
  • Experience with multiple cloud platforms, operating systems, databases, and hypervisors including AWS, Azure, GCP, Windows, Linux, Unix, VMWare, HyperV, Oracle and MS SQL.
  • Experience with various authentication technologies including Identity Providers, Active Directory, OpenID, SAML, and forms based.
  • Experience with various network technologies such as Intrusion Prevention Systems, Web Application Firewalls, and Load balancing technologies.
  • Excellent oral and written communication skills.
  • Excellent analytical and problem-solving skills.
  • An ability to work both independently and as a team is critical.
  • Must be passionate about security and continuing education outside of work.