Edtech.com's Summary

OverDrive is hiring an Application Security Engineer to enhance and maintain the security of their applications and protect patron and customer data. The role involves collaborating with development and IT teams to embed security throughout the software development lifecycle and ensuring compliance with standards such as PCI, GDPR, and NIST CSF.

Highlights

Maintain and improve OverDrive's security posture for applications and data.
Work with development and IT teams on security during all phases of the SDLC.
Manage vulnerability triage and remediation within the environment.
Advocate security best practices via presentations and threat modeling meetings.
Review SAST results and assess risks of custom code and third-party libraries.
Conduct application security penetration testing and coordinate third-party reviews.
Bachelor’s Degree in Computer Science or related field, or equivalent experience required.
Proficient in object-oriented coding and application development, preferably with C#, Ruby, and JavaScript.
Strong communication skills and ability to prioritize work effectively.
Ensure compliance with regulatory standards such as PCI, GDPR, FERPA, CCPA, and NIST CSF.

Developer (Application Security Engineer) Full Description

Developer (Application Security Engineer)

Information Technology & Security Cleveland, Ohio

Description

This position will require you to be in the Greater Cleveland, OH Area
We are presently in a hybrid schedule, 2 days on campus and 3 days WFH

The Application Security Engineer's responsibilities include maintaining and improving the security posture of OverDrive to protect our patron and customer data and intellectual property. This role works primarily with the development and IT departments to ensure a high level of security within our applications through all phases of our SDLC as well as maintain compliance with regulatory standards such as PCI, GDPR, FERPA, CCPA, NIST CSF, etc.

*** To be qualified for this Application Security Engineer opening, you need to be able to write OO code, read OO code, and design and implement web applications.

Responsibilities:

Assist with triage and remediation of vulnerabilities within the OverDrive environment.
Advocate security best practices throughout the company but especially within the development department through short monthly presentations or threat modelling meetings.
Review SAST findings for accuracy and risk to the custom code developed within the environment.
Perform risk assessments on third party software and libraries to determine the safety of their use in the OverDrive environment.
Research and review dependency vulnerabilities that are discovered in third party libraries.
Conduct research to identify new attack vectors against OverDrive’s products and services.
Perform application security pen tests against developed applications or work with third party vendors to perform yearly application reviews on larger applications.
Gather, verify and report audit to allow for educated decisions on remediations.

Requirements:

Bachelor’s Degree in Computer Science or related field or equivalent experience.
Application development experience required – C#, Ruby and JavaScript preferred
Excellent interpersonal / communication skills.
Well organized with strong attention to detail and ability to prioritize work.

What’s Next:

As you’ve probably guessed, OverDrive is a place that values individuality and variety. We don’t want you to be like everyone else, we don’t even want you to be like us—we want you to be like you! So, if you're interested in joining the OverDrive team, apply below and tell us what inspires you about OverDrive and why you think you are perfect for our team.

OverDrive values diversity and is proud to be an equal opportunity employer.

Original Job Description

Developer (Application Security Engineer)

Information Technology & Security Cleveland, Ohio

Description

This position will require you to be in the Greater Cleveland, OH Area
We are presently in a hybrid schedule, 2 days on campus and 3 days WFH

*** To be qualified for this Application Security Engineer opening, you need to be able to write OO code, read OO code, and design and implement web applications.

Responsibilities:

Assist with triage and remediation of vulnerabilities within the OverDrive environment.
Advocate security best practices throughout the company but especially within the development department through short monthly presentations or threat modelling meetings.
Review SAST findings for accuracy and risk to the custom code developed within the environment.
Perform risk assessments on third party software and libraries to determine the safety of their use in the OverDrive environment.
Research and review dependency vulnerabilities that are discovered in third party libraries.
Conduct research to identify new attack vectors against OverDrive’s products and services.
Perform application security pen tests against developed applications or work with third party vendors to perform yearly application reviews on larger applications.
Gather, verify and report audit to allow for educated decisions on remediations.

Requirements:

Bachelor’s Degree in Computer Science or related field or equivalent experience.
Application development experience required – C#, Ruby and JavaScript preferred
Excellent interpersonal / communication skills.
Well organized with strong attention to detail and ability to prioritize work.

What’s Next:

OverDrive values diversity and is proud to be an equal opportunity employer.

Let me find your next job.

Thanks - you're signed up.

Developer (Application Security Engineer)

Edtech.com's Summary

Developer (Application Security Engineer) Full Description

Information Security Operations Analyst

Network Security Engineer

Security Analyst

Information Security Engineers

Information Security Engineers