Principal App Sec Principal Engineer

---

Job description

Job Title: Principal App Sec Principal Engineer

Location: 1525 W W T Harris Blvd., Charlotte, NC 28262 Hybrid Roles (3 Days Onsite/2 Days WFH)

Job Descriptions:

specific hands-on technical experience with the following tools (specifically selecting them, integrating them into a CI / CD pipeline and writing / configuring custom queries):

Checkmarx, Fortify, GHAS - CodeQL

BlackDuck, Prisma, CycloneDX, Jfrog Xray, GHAS Secrets, GHAS - Dependabot

Invicti Netsparker, WebInspect, AppScan, BurpSuite, ZAP

We need very deep security software engineering skills.

Act as an advisor to leadership to develop or influence applications, network, information security, database, operating systems, or web technologies for highly complex business and technical needs across multiple groups.

Lead the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas or the enterprise, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, advanced analytical and inductive thinking.

Translate advanced technology experience, an in-depth knowledge of the organizations tactical and strategic business objectives, the enterprise technological environment, the organization structure, and strategic technological opportunities and requirements into technical engineering solutions.

Provide vision, direction and expertise to leadership on implementing innovative and significant business solutions.

Maintain knowledge of industry best practices and new technologies and recommends innovations that enhance operations or provide a competitive advantage to the organization.

Strategically engage with all levels of professionals and managers across the enterprise and serve as an expert advisor to leadership.

Required Qualifications:

7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

3+ years of Cloud experience (GCP, Azure, AWS)

Ability to Travel up to 10% of the time

5 + years Development experience in more than one language

3+ years of experience with secure DevOps and deployment automation to cloud environments

3 + years CI/CD integration experience

2+ years of ServiceNow Experience

Demonstrated experience in Penetration Testing

Demonstrated experience in determining root cause analysis for actionable SDLC security updates

Dynamic Analysis Security Testing (DAST) experience

Knowledge of Kubernetes Containerization Strategy

Static Analysis Security Testing (SAST) experience (Checkmarx, Fortify, Semgrep, manual code review, etc.)

Recent Java or C# & .NET CORE development experience including the development of RESTful APIs

Experience with SDLC and Agile methodologies

Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices.

<!– job description page –>