Application Security Engineer

Acuity

The Role

Overview

Secure software life cycle, assess apps, mentor devs, lead security program.

Key Responsibilities

  • security standards
  • risk mitigation
  • security assessments
  • security training
  • application architecture
  • code review

Tasks

  • Raise awareness of application security requirements through development and review of application security standards, policies and secure SDLC processes
  • Develop and implement the application security program in line with industry best practices and compliance across all of Acuity Brands engineering teams.
  • Proactively identify and mitigate application security risks or incidents
  • Conduct security assessments of web and mobile applications, APIs, and microservices.
  • Provide security training to internal engineering, DevOps and infrastructure teams.
  • Participate in the architecture of mobile and web applications including interface and database design, process and API flows, networking, cloud infrastructure, protocol communication, security and appropriate technology use.
  • Provide guidance and oversight into secure application coding practices conducted by other teams by acting as a mentor to software developers
  • Perform application and source-code reviews, threat modeling and penetration tests to build application visibility

Requirements

  • security experience
  • vulnerability scanning
  • static analysis
  • cloud platforms
  • programming
  • certifications

What You Bring

  • 8+ years of experience in the security domain with working knowledge of Software Development and required knowledge of application testing
  • Experience with vulnerability and application scanning tools (e.g., Qualys, Nessus, AppScan, BurpSuite)
  • Bachelor's Degree in Computer Science (CS) or equivalent
  • Continuous learning and researching security related trends and best practices.
  • Programming background and working experience in SDLC and software development tools such as Eclipse, Jenkins or similar
  • Experience with static analysis tools (e.g., SNYK, BlackDuck, Checkmarx) and knowledge of OWASP tools and methodologies.
  • Application security experience with high level programming languages (e.g., Java, C, C++, C#, VB, .NET, ASP.NET, ASP, PHP, J2EE, JSP)
  • Experience with Cloud Service Providers (Azure and/or AWS)
  • Communication skills to create documentation, videos and conduct training classes
  • Security certifications, such as CISSP, CEH, OSCP, CISA, are desirable

The Company

About Acuity

  • Generates roughly $3.8 billion in annual revenue (2023), trading publicly under ticker AYI.
  • Designs and manufactures luminaires, lighting controls, power supplies, skylights and integrated systems.
  • Typical projects span new‑build and retrofit installations in commercial offices, industrial facilities, institutional campuses, transportation infrastructure and homes.
  • Under brands like Lithonia, Holophane, Juno and nLight, it blends LED innovation with IoT‑enabled controls.
  • Stands out with its Atrius IoT platform and a unique combo of lighting, building analytics and smart controls—blurring lines between hardware and software.

Sector Specialisms

Health & Social Care

Dental

Social Care

Healthcare Transactions

Social Care Transactions

Regulatory Due Diligence