Application Security Engineer

Please do not respond to direct messages with your personal information. All job applications and your sensitive, personal information should only be submitted via our official job platform.

Application Security Engineer 

Job Title: Application Security Engineer 

FLSA: Exempt 

Location: US-GA-Atlanta - Hybrid

Job Overview:

The Application Security Engineer is responsible for assessing information risk and facilitates remediation of identified vulnerabilities with the Safe-Guard Products applications and authentication. Reports on findings and recommendations for corrective action. Performs threat modeling, vulnerability assessments, dynamic application security testing, and penetration testing as required.

The application security engineer creates and evolves an API security strategy to support the business at scale. The role is responsible for designing a secure framework with a repeatable, flexible process, and the engineer must be able to receive, assess and integrate input from technical and business units to ensure that what is designed meets business and technical needs. The position is responsible for the security of applications supporting business-to-business, third-party relationships, and consumers. The role requires rigor in authentication and authorization, as well as data validation and secure data transmission, all validated with logging and auditable events. The engineer must be comfortable supporting integration with both internally developed and externally supported applications and services. Considered as a highly knowledgeable individual, the application security engineer is expected to recommend programmatic controls and monitor and manage secure development processes that address modern day issues.

Essential Functions:

• Develop and apply authentication and authorization security requirements to support secure identity, privilege management, and access control models across applications and APIs; support role- and attribute-based access control. 
• Conduct application security risk analysis, threat modeling, and secure design reviews in partnership with development teams throughout the software development lifecycle.
• Analyze, triage, and prioritize application security findings from automated testing, endpoint security detections, and third-party assessments, focusing on exploitability, business impact, and remediation feasibility.

• Document and provide ongoing maintenance of materials toeliminatediscrepancies in development and security best practices. 
• Serve as the primary application security liaison for assigned development teams, leading recurring security touchpoints to review findings, remediation progress, and secure design considerations.
• Over time, it contributes to the development of automated security workflows and integrations that embed security validation into development and delivery processes.
• Be highly engaged in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects; deliver projects on time, within budget andin accordance withSLAs. 
• Leverage security standards and implementation configurations, as well as common security frameworks. 
• Align with architects and development teams for a mission of secure design and data integrity preservation among users,appsand infrastructure. 
• Shareapplicationsecurity knowledge and best practices with peers and development teams to strengthen security awareness and adoption.
• Support compliance obligations by translating regulatory and policy requirements into actionable application security controls, partnering with security leadership for review and approval.
• Develop security test plans from architectural designs,identifydeficiencies,and make enhancements to ensure production is notimpacted.

Skills and Experience:

• Established experience with Agile and software development lifecycle (SDLC) practices. 
• Experienced with REST and SOAP development and security controls.
• Additionalexperience with JSON, JWT, XML,jQueryand JavaScript.
• Knowledge of security fundamentals for software-as-a-service (SaaS) application integrations.
• Skillful in single sign-on (SSO), OAuth 2.0, OpenID Connect and SAML. 
• Proven excellence in communicating businessriskfrom cybersecurity topics.
• Active involvement with practicesemergingfrom OWASP, NIST and SANS, among others.
• Proficient in software development (Java, Python, Ruby, GO, etc.)
• Solid understanding of network and web protocols.

• Experienced with securing intra-company and third-party APIs. 
• Experienced working with API gateways
• Track recordof acting with integrity, taking pride in work,seekingto excel, being curious and adaptable, and communicating thoroughly.

Qualifications: 

• SecDevOpsbackground in public and private clouds.
• Bachelor’s Degree, Information Systems, Computer Science, InformationSecurityor relatedfieldpreferred. 
• 7-10years ofInformation Technology orInformation Security experience with a proven ability to engage with Senior Management andDevelopers.
• Experience with cryptography controls and measures to secure applications and data.
• Knowledge of API tools such as Swagger, Apigee,vRESTand API Fortress.
• Understanding ofcloud API resources from Amazon Web Services (AWS), MicrosoftAzureorGoogle Compute Cloud (GCP).
• Certified Secure Software Lifecycle Professional(CSSLP),GIAC Certified Web Application Defender (GWEB)or relatedcertificationstronglypreferred.

About Safe-Guard Products International:

Safe-Guard Products International is the leading provider of branded vehicle protection products in the finance and insurance space to the automotive, RV, marine and motorcycle/powersports industries. We are a proud partner to Original Equipment Manufacturers (OEMs), top retailers, and independent agents across the United States and Canada. In nearly thirty years, we have grown to power a client roster of over 50 leading protection brands and protect over 16 million consumers under Safe-Guard contracts. Our success is driven by over 700 employees, who serve over 12,000 dealers and support contract holders across the U.S. and Canada.

Safe-Guard continues to experience dynamic growth and has earned a stellar reputation from our clients, dealers, and peers by providing: 1) the highest quality protection products in the industry, 2) a broad platform of branded product, technology, marketing, and training solutions, and 3) an unwavering commitment to uncomplicated care and customer service.

Safe-Guard Products International is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, disability or protected veteran status, or any other status or characteristic protected by federal, state, or local law.