Careers in Secure application design and coding

["Sean T Murray" <smurray1 () nycap rr com>]

I have been reading this list for a few months (after reading "Secure
Coding") and I have a question for the group.  I apologize if it seems
off topic.  How does one get experience in secure application design
and coding?  I left application development 4 years ago to pursue a
career in IT security.  My frustration began about two years ago. Most
of the work I was doing wasn't engineering or even risk management. It
was trying to make the best of a bad situation mainly covering for bad
application design or implementation.  I would like to get back to my
programming roots and combine my knowledge of IT security with
application design.  There are two issues.  1) There don't seem to be
many jobs that do that and 2) Even with my programming and security
backgrounds I'm not sure of my ability to do such a job.  Where does
one go to learn about techniques and tools (besides books)?  Are there
courses (college or seminar-like) or conferences that tailor to secure
application design and programming?  My frustration is that I want to
get into the field, but I don't want to take a job that is pure
application development (that is, doesn't have a security aspect) to
gain expertise, and there doesn't seem to be any other way to learn
it.

I would imagine there are others in my position, so I thought it may
inspire some discussion.  It would be great to hear other's
experience.

Thanks!!

Sean Murray