Company

Churchill Downs IncorporatedSee more

addressAddressLouisville, KY
type Form of workFull-Time
CategoryInformation Technology

Job description

SUMMARY:
The Application Security Engineer is a critical part of the Twinspires Cyber Security program. In this role, the Application Security Engineer will interface directly with developers to ensure Twinspires web and mobile application vulnerabilities are prioritized and remediated correctly. This position will also be a key technical resource in administering and maintaining Twinspires suite of security testing tools, penetration testing Twinspires applications, and participating in third party assessments.
ESSENTIAL DUTIES AND RESPONSIBILITIES will include the following:
  • Day to day operation, monitoring, and maintenance of Twinspires Application Security testing solution suite, including static code analysis, dynamic code analysis, mobile security testing, and software composition analysis.
  • Serve as a resource to development teams on best practices for secure coding, security architecture, and vulnerability remediation.
  • Evaluate new projects for potential Application Security vulnerabilities and collaborate with product and development teams on appropriate risk mitigations.
  • Write automated scripting to aggregate data and metrics from security tools.
  • Create documentation outlining Twinspires Application Security standards and practices.
  • Provide evidence for and participate in third party assessments as needed.
  • Manual penetration testing of Twinspires web and mobile offerings.
  • Work with external development vendors to remediate vulnerabilities and design secure architectures.
  • Other duties as assigned by Management.

REQUIREMENTS:
  • Degree in in cyber security, information systems, computer since, or equivalent industry experience, program completion, or certifications.
  • AWS Certified Cloud Practitioner or Solutions Architect Associate a plus.
  • 2-3 years experience working in an information security program; Application Security related duties or projects a plus.
  • Knowledge of the OWASP Top 10 Framework; Understanding of different web application vulnerabilities, their associated risks, and mitigation strategies.
  • Python coding experience.
  • Experience with security tools such as Sonarqube, Snyk, Invicti, NowSecure, Burp Suite, or equivalent.
  • Foundational knowledge of Amazon Web Services (AWS).
  • Ability to quickly learn complex systems, infrastructure services, and network-related technologies.
  • Ability to work on multiple projects concurrently
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25
  • Experience using web logs to identify threats
  • Experience with the following technologies: Java, Java Spring, Spring Boot, Spring Data (JPA), Spring MVC, MySQL, WAF/CDN Akamai preferred, Cloud Platform AWS preferred
  • Ability to obtain racing and/or gaming licenses as required in any jurisdictions where CDI operates. Gaming industry is highly regulated and as such demands an extensive background checks in order to obtain a license.
Refer code: 7255619. Churchill Downs Incorporated - The previous day - 2023-12-20 16:21

Churchill Downs Incorporated

Louisville, KY
Popular Application Security Engineer jobs in top cities
Jobs feed

R&D Director

Aspire Bakeries

Swedesboro, NJ

CDL-A - Dedicated Flatbed truck driver

Schneider

Cheney, WA

Driver - Jacksonville Remarketing

Enterprise Holdings, Inc.

Jacksonville, FL

Packaging Operator II

Aspire Bakeries

Hazleton, PA

warehouse associate.

Spherion

Mansfield, OH

$15.00 per hour

Customer Development - Key Account Rep 1

Aspire Bakeries

Cleveland, OH

assembly associate.

Spherion

Bellville, OH

$12.00 per hour

Part-Time Assistant Football Coach

York State Department Of Labor

New York, NY

Recruiter Trainee

Maxim Healthcare Services

Lexington, KY

Share jobs with friends

Application Security Engineer - Remote

Ryder System

$120,000 - $150,000 a year

Frankfort, KY

3 months ago - seen

Application Security Engineer

Churchill Downs Technology Initiatives C

Louisville, KY

6 months ago - seen

Application Security Engineer

Twinspires

Louisville, KY

6 months ago - seen