.Application Security EngineerThe Application Security Engineer is a position of technical expertise, influence, and leadership in the security technology realm. The Application Security Engineer is highly passionate and is a deeply technical security.Expert to help the University and its employees develop sound security practices. WGU The Application Security Engineer will deliver security solutions, risk and control guidance, lead proof-of-concept projects, and conduct workshops. Experience determining, verifying and documenting security flaws in accordance with industry best practices.Essential Functions and Responsibilities:- Work with developers as part of the Software Development Life Cycle- Cultivate secure coding standards based on industry accepted frameworks- Prioritize and track assigned security issues- Enforce secure development standards and requirements- Familiarity with compliance & security standards across the enterprise IT landscape deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a complex environment- Harden networks, containers, VMs, and other cloud infrastructure to reduce risk of cloud security misconfigurations- Write and implement policy-as-code to automate the enforcement of compliance and security configuration management- Working knowledge of cloud computing technologies- Familiarity with archive, backup/recovery and business continuity processes in distributed operations- Demonstrated ability to think strategically about business, product, and technical challenges- Assist with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, vulnerability management- Functions equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains- Assist in the development of cloud security policies and procedures- Build and maintain relationships across the University to promote cloud security initiatives.- Identify gaps in the University's security model, suggest solutions including tools and processes- Engage with security architects to capture design requirements for cloud architectures and implementation strategies- Create new processes, identify new threats and mitigation strategiesKnowledge, Skill and Abilities:- Experience with security industry standards and best practices- Proven experience with interpretation and implementation of those standards in a corporate environment- High integrity. Will be working with sensitive data- Operate Information security tools and processes- Execute established security practices with consistency and discipline- Hands on experience integrating security into the various stages of a CI/CD pipeline