2 days old
2018-09-182018-10-16

Application Security Engineer

Arlington, VA 22203
  • Job Code
    644022
  • Payrate
    $70 To $80
job summary:

This position is within the Information Security Department, on the Threat Management team. The developer will be responsible for collaborating with application development teams, project managers and DevOps team members to improve the security of Company applications across the SDLC. The engineer will require a thorough knowledge of Agile SDLC methodologies and Secure DevOps practices. The position requires strong secure application development, testing and automation experience.

 
location: Arlington, Virginia
job type: Contract
salary: $70 - 80 per hour
work hours: 8 to 6
education: Bachelors
 
responsibilities:
  • Assist the Threat Management team in developing, maintaining and executing the Company application security program
  • Build and maintain integration between application security products, bug trackers and CI/CD tools
  • Work with application developers and DevOps groups to maintain a detailed inventory of all web applications
  • Coordinates and supports application assessments
  • Develops reportable observations, findings and recommendations to relay to application developers and IT leadership
  • Manage the lifecycle of vulnerabilities discovered during application security scans
  • Participate in Red Team activities and Internal Penetration Testing
  • Strong communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
 
qualifications:
  • Four (4) year degree in Computer Science or related field, or equivalent work experience.
  • Four (4) years of progressively responsible information systems and application security engineering experience that demonstrates an understanding of the required knowledge, skills, and abilities
  • Four (4) years of Node.js experience
  • Five (5) years of .NET development experience
  • Five (5) years of experience in HTML, CSS, JavaScript, and jQuery
  • Strong familiarity with OWASP Top 10 web vulnerabilities and how to engineer software to avoid them
  • Knowledge of and experience working in an Agile SDLC model
  • Experience working with DAST and SAST products, preferably IBM AppScan and Veracode
  • Experience integrating DAST and SAST capabilities into a CI/CD pipeline, experience with TeamCity preferred
  • Experience with a scripting language (Python, Ruby, Perl, etc.)
  • Experience working with third party security vendors
  • Strong proficiency in active listening and the ability to learn quickly
  • Ability to communicate technical security concepts to a diverse audience (written and verbal)
  • Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
  • Database Experience (DBA or security penetration testing)
  • Web Services Security Penetration Testing Experience
 
skills:
  • Four (4) year degree in Computer Science or related field, or equivalent work experience.
  • Four (4) years of progressively responsible information systems and application security engineering experience that demonstrates an understanding of the required knowledge, skills, and abilities
  • Four (4) years of Node.js experience
  • Five (5) years of .NET development experience
  • Five (5) years of experience in HTML, CSS, JavaScript, and jQuery
  • Strong familiarity with OWASP Top 10 web vulnerabilities and how to engineer software to avoid them
  • Knowledge of and experience working in an Agile SDLC model
  • Experience working with DAST and SAST products, preferably IBM AppScan and Veracode
  • Experience integrating DAST and SAST capabilities into a CI/CD pipeline, experience with TeamCity preferred
  • Experience with a scripting language (Python, Ruby, Perl, etc.)
  • Experience working with third party security vendors
  • Strong proficiency in active listening and the ability to learn quickly
  • Ability to communicate technical security concepts to a diverse audience (written and verbal)
  • Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
  • Database Experience (DBA or security penetration testing)
  • Web Services Security Penetration Testing Experience

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

Categories

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Engineer

Randstad Technologies
Arlington, VA 22203

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast