-
ID
#10685363 -
Job type
Permanent -
Salary
USD74 per hour -
Source
Matlen Silver -
Date
2021-03-05 -
Deadline
2021-05-04
Application Security Engineer
Georgia, Atlanta, 30301 Atlanta USAVacancy expired!
Job Description OVERVIEW As an Application Security Engineer, you will use automated scanning tools and manual techniques to conduct application security testing. You will provide expertise to improve security posture. You will handle and direct complex application security testing, scheduling, and coordination with the LOB to obtain the required information. Other responsibilities are application security scheduling, coordination, training, and administrative work. Identifies web application security vulnerabilities (e.g., OWASP Top 10) using automated tools and manual techniques. Configures/Performs DAST testing, composes reports, and delivers reports to the proper tool/team. Works directly with internal business units to communicate risk. The ideal candidate is passionate about cybersecurity, continuing their professional growth, and/or looking to transition from application development or experience with AWS or AZURE.
JOB RESPONSIBILITIES Perform Dynamic Application Security Testing (DAST) as part of the software development lifecycle, identifying weaknesses for remediation. Partner with enterprise and solutions architects, software engineers, DBAs, and QA engineers to ensure adequate security throughout the SDLC. Stay up to date on current software development technologies, security controls, threats, and vulnerabilities. Effective communication is critical in this role as you will be interacting with various teams with limited to no knowledge of the product you are offering. Install, Configure, use, and maintain web applications, API testing tools, and mobile tools. Provide complete documentation about identified security vulnerabilities and related issues, concisely and timely. Stay current on emerging threats. Actively participate in improving the security culture and education throughout the organization REQUIRED EXPERIENCE, QUALIFICATIONS, AND SKILLS Self-starter, Highly motivated 1+ years of experience in a software development role such as Software Developer, Software 1+ years of experience in a cloud environment 1+ Year in any of the following fields o Dynamic Application Security Engineer o DevOps Engineer o Web Developer o Cloud Engineer o Mobile Security Engineer o API Security Engineer Foundational knowledge of web application (SaaS) design best practices and secure software development. Understanding of agile development practices and how to integrate security into those practices. Frameworks o Knowledge of the OWASP top 10 and application security vulnerabilities. o NIST 800-53 o MITRE ATT&CK PREFERRED EXPERIENCE, QUALIFICATIONS, AND SKILLS Bachelor's degree in Cyber Security, Information Systems, or Computer Science Experience with PCI/HIPPA compliance. Security certifications such as CISSP, CSSLP, GWEB, OSCP, OSWE or other web application security certifications. Experience with cloud computing, Microsoft Azure platforms. Experience with SOA, web services, REST, SOAP, XSLT, XSD, and XML. Knowledge of common web application security flaws and secure coding practices, and the ability to clearly explain security issues to project and development staff; Experience with using security testing tools Ability to take on a high level of responsibility, initiative, and accountability Experience with scripting/programming language Characteristics Strong analytical skills High Attention to Detail Verbal and written communication skills Self-motivated Results-oriented Tools Cloud o AWS o Azure Web Applications o Qualys WAS o WhiteHat Sentinel o Burp Suite o Nessus o OpenVas Mobile o Synopsys 3d o WhiteHat Sentinel o Mobsf o apktool o dex2jar o Android Studio o Frida API o SOUPUI o Postman Virtualization o Hyper-V o Virtual Box o VMware Hacker Tools o Kali Linux o MetesploitVacancy expired!
Related Jobs
