Application Security Engineer
IBA InfoTech Inc.
Greensboro, United States of America
1 month ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Greensboro, United States of America
Tech stack
Java
Agile Methodologies
Burp Suite
Code Review
DevOps
Dynamic Program Analysis
Mobile Application Software
Network Architecture
Systems Development Life Cycle
Fortify (Software)
Web Application Security
Software Engineering
Webinspect
Software Security
Veracode
Firewalls (Computer Science)
GWAPT
Information Technology
Checkmarx
Appscan
Burpsuite
Job description
- Responsibility for the security of LFG applications and services
- Conduct design review, code review, and dynamic analysis
- Identify, communicate, and drive the resolution of vulnerabilities
- Serve as a subject matter expert for application development and infrastructure teams
- Communicate effectively with a wide variety of technical levels
- Perform security assessments of web and mobile applications
- Research and advocate for new security solutions and technologies
- Stay current on security trends, vulnerabilities, and testing methods
- Contribute to related policies, standards, and supporting documentation
Requirements
- Undergraduate degree or 4+ years of comparable work experience
- OSCP, OSWE, ISC2 CISSP, CSSLP, GIAC GWAPT, GIAC GSSP-Java, GIAC GSSP-NET Preferred, * 5-7+ years of experience in Information Technology that directly aligns with the specific responsibilities for this position
- Extensive experience in web application security
- Strong knowledge of application security throughout the SDLC
- Experience with agile delivery practices
- Experience integrating security into DevOps practices.
- Experience conducting source code review preferred
- Experience using static application security testing tools such as Fortify, Checkmarx, Veracode, etc.
- Experience dynamic analysis with tools such as AppScan, Webinspect, BurpSuite, and OWASP ZAP, etc.
- Familiarity with related network infrastructure, such as firewalls, WAFs, and IPS
- Familiarity with common DMZ architectures
- Prior financial services experience preferred
- Agile Mindset; awareness/understanding of Agile methodologies