22 days old

Penetration Tester

Charlotte, NC 28202
  • Job Code
    578530
  • Payrate
    $50 To $60

Application Security Analyst


Security Analyst specializing in Application Security. This position is responsible for information security solution architecture, the mentoring and supporting of security analysts and the development and enforcement of Duke Energy security standards and guidelines relating to application development. This position may consult with developers, leadership, security analysts, and architects in other organizations on emerging technologies and vendor architectural directions related to information security. This position will be responsible for understanding cross-company business needs and designing solutions that meet business requirements while maintaining confidentiality, integrity and availability of Duke Energy information and systems.


Major Job Duties: - Perform functional requirement review, design review - Work collaboratively with all participants in agile software development project and support developers and testers as they set up their build Dev / Test environments - Troubleshoot and resolve issues related to application development, deployment and operations - Perform code review across a variety of programming languages - Identify, communicate, and drive the resolution of vulnerabilities - Serve as a subject matter expert for security in application projects - Performing application vulnerability assessments (SAST and DAST) focused on web and mobile applications - Identify application security requirements for projects - Developing testing scripts, policies, procedures and standards - Manage third party scans and conduct vulnerability review with the development team - Other security-related projects that may be assigned according to skills


Basic Qualifications: - Experience designing Web/Mobile application security testing solutions - At least 3 years of experience in any major DevOps tool- implementation and automation chain (Veracode, Jenkins, Qualys, SonarQube, GitHub). - At least 3 years of experience with web application, web service implementation, infrastructure scans. - At least 2 years of experience with SAST (Fortify/Veracode or similar) tools. - Application development background, along with a desire for continued learning for new programming languages, techniques and related security issues. - Familiarity with the OWASP framework and application security best practices. Understanding of Software Security Architecture and Design, Agile, SDLC and the ability to clearly articulate best practices for application security. - Strong written and verbal communication skills. Specific relevant experience should include writing and presenting application security assessment reports. Candidate should have experience making and defending sound technical arguments that incorporate relevant technical and business considerations, and building consensus among stakeholders. Desired Qualifications - Current holder of CISSP, CASS or other relevant industry certifications. - Experience with developing designs and reference architecture for emerging technology leveraging industry standards. - Ability to convert documented business requirements into conceptual, logical, and physical design documents. - Project management skills.

Categories

  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.

Featured Jobs

Career News

Share this job:

Penetration Tester

Randstad Technologies
Charlotte, NC 28202

Share this job

Penetration Tester

Randstad Technologies
Charlotte, NC
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast