Application Security Engineer

  • Free
  • Published date: May 25, 2023
    • Oregon, United States

Location: Eugene, OR
Categories: Information Technology, Computer and Information Science
Department: Information Services
Classification: Analyst Programmer 2
Appointment Type and Duration: Regular, Ongoing
Salary: $57,108 - $105,984 per year
FTE: 1.0

Hybrid eligible

Review of Applications Begins
Priority review begins June 12, 2023, position open until filled

Special Instructions to Applicants
Complete applications must include an online application and a resume.
All applications must be submitted here, careers.uoregon. edu/en-us/job/531043/enterprise-software-developer

Position Summary
Reporting to the Director of Digital Work Experience, the Application Security Engineer will be part of the Digital Work Experience team and will also work closely with the Information Security Office. This is a technical position, responsible for identity and access management and data protection solutions that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to the University of Oregon. This position also requires superior people and "soft" skills, like empathy, tact, flexibility, and collaboration.

The incumbent in the position will evaluate, assess, and provide recommendations on new products and technologies related to the design and deployment of secure on-premise and cloud-based services. In addition, the incumbent will evaluate, assess, and perform risk analysis on existing services. The Application Security Engineer will implement and document security solutions to ensure the integrity of the environment and systems they are responsible for.

The Application Security Engineer will play a key role in identifying, investigating, documenting, mitigating and re-mediating incidents that involve university information systems and data. The incumbent in this position will work collaboratively with technical and non-technical users as well as the Office of Information Security.

The Application Security Engineer will have an understanding of all layers of the application and infrastructure stack, including networking, security, platform, and application level services. This position will develop solutions and utilize technologies for identity & access controls and platform environment management and may assist in defining guidelines and standards.

The Application Security Engineer is required to apply critical thinking and risk analysis methodologies when considering the relative risks and rewards of potential actions. Choosing the most appropriate course of action when evaluating the impact of vulnerabilities and possible solutions; and considering both micro and macro impacts of their decision. The Application Security Engineer will stay abreast of evolving campus needs, technology capabilities, and threat intelligence from a variety of sources to optimize data protection measures. This position will work with campus stakeholders to ensure data security needs and controls are aligned to support organizational goals and objectives. This position will also provide off-hours, on-call support on a rotation basis in coordination with other groups within Information Services.

Essential Personnel
This position may provide essential services during times of emergencies and inclement weather. This position may be required to fulfill essential services and functions during these times.

Candidates who promote and enhance diversity are strongly desired.

Minimum Requirements
• This classification requires a basic foundation of knowledge and skills in systems analysis and related programming support functions generally obtained by a bachelor's degree in computer science, or an equivalent amount of training and applied experience.

Professional Competencies
• Ability to work effectively with faculty, staff, and students from a variety of diverse backgrounds.
• Strong problem solving skills.
• Ability to adapt within a rapidly changing technical environment.
• Excellent verbal and written communication skills, including the ability to explain technical concepts to audiences with a wide range of technical skills.
• Ability to work independently as well as in a team-oriented, collaborative environment.
• Ability to plan and account for impacts of system development efforts across architectural components, critical business processes, data and applications.

Preferred Qualifications
• Bachelor’s degree in Computer Science, Information Technology/Systems, Information Security or relevant field.
• Professional experience administering or supporting SaaS solutions or solutions on IaaS and PaaS platforms such as Office 365, G-Suite, AWS, Azure, or Google Cloud Platform.
• Two years of experience providing secure IT solutions with information security responsibilities; this may include responsibilities as a security professional or as an IT administrator (e.g., network, systems, application, or cloud administrator) with experience implementing or supporting security controls.
• Experience with Active Directory, Azure Active Directory and Conditional Access
• Demonstrated familiarity with information security event triage.
• At least two years of experience in an academic campus IT environment.
• Working knowledge of laws, regulations and standards affecting information technology security in a higher education environment, including, but not limited to, PCI-DSS, HIPAA, GLBA, HEOA, FERPA, and DMCA.
• Knowledge of well-known application security best practices such as OWASP, aspects of ISO 27001, or applicable NIST 800 standards.
• Certification in or progress toward at least one designation in an information security, risk, compliance or related discipline (e.g. CISSP, SSCP, CSA+, GIAC, GWEB, CSSP).

FLSA Exempt: Yes
Reference : Application Security Engineer jobs

Useful information

  • Avoid scams by acting locally or paying with PayPal
  • Never pay with Western Union, Moneygram or other anonymous payment services
  • Don't buy or sell outside of your country. Don't accept cashier cheques from outside your country
  • This site is never involved in any transaction, and does not handle payments, shipping, guarantee transactions, provide escrow services, or offer "buyer protection" or "seller certification"


post to multiple job boards
Now take benefits of multiple job boards and search engine posting.
Try it.

Related listings