Application Security Engineer
Job Locations: US-AZ-Phoenix
Posted Date: 6/12/2017 12:07 PM
Job ID: 2017-1698
# of Openings: 1
Category: Information Technology
Our customer is Phoenix, Arizona is seeking a Application Security Engineer to assist them with ongoing IT Security needs. This individual will perform ongoing security vulnerability assessments and application pen tests, including identifying, assessing, and driving remediation of application vulnerabilities. Develop security improvements for the company’s websites and backend applications and serve as a SME on website and application-related projects. Research and recommend emerging security technologies/tools to address current and future threats and create and maintain documentation as it relates to security designs/configuration, processes, and requirements. You will participate in security incident response processes. Mentor development teams on use of secure coding practices and evangelize secure software development practices and processes throughout the SDLC
Essential Job Functions and Responsibilities:
Participate in the building, automation, and operation automated security review capabilities across multiple technology stacks and languages throughout the SDLC
Coordinate security code reviews, application vulnerability testing, and penetration testing, and train engineering team on best practices in application security throughout the SDLC.
Drive assessment of applications to identify and prioritize risks, driving prioritization and remediation across application development teams.
Be an expert on vulnerabilities and attack vectors that have the potential to impact to customer’s systems
Proactively identify and implement products and tools to ensure security of our applications, collaborating with all areas of IT to harden our environment
Participate in developing technical strategy; apply and promote security technology that optimizes the portfolio of technologies, tools, products, and applications.
Work IT leaders and subject matter experts to use technology to improve overall corporate security posture.
Deliver assessment services, develop business cases, design solution architecture, and recommend multi-phased, complex migration programs that address application security.
Develop timelines, work estimates, cost projections, and manage projects related to application security initiative to approved guidelines; review and consult on design and technical approach of projects to ensure consistency.
Required Work Experience
8 years of experience with application design and development.
3 years as application security engineer analyzing the application modules for enhancing the application security.
Bachelor’s degree in business, information technology, computer systems, or related field
Preferred Work Experience:
10 years of experience with application design and development.
5 years as application security engineer analyzing the application modules for enhancing the application security.
Proven experience with web pen testing and application vulnerability assessments
Master’s Degree in business, computer science or related field
CISSP, CEH and/or CSSLP Certifications
Technical certifications in software and systems design and development
Required Job Skills
Deep .NET and Java knowledge, certified developer or expert-level knowledge with .NET and Java and related technologies with security tools.
Expert knowledge application security technologies and authentication protocols.
Excellent communication skills to document and explain security vulnerabilities and technical risks to a technical audience and business audience.
Intermediate skill in use of office equipment, including copiers, fax machines, scanner and telephones.
Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
Strong experience in System Architecture, Design, Development and integration and deployment of multi-tier mission critical application systems
Knowledge and demonstrated experience designing multi-tier, highly available, multi-threaded, and scalable architectures
Demonstrated application of architectures and designs that employ design patterns
Highly developed oral and written communication skills as well as presentation skills. Interest in all aspects of application security research and development
Familiarity with fundamentals of software configuration management, automated build processes, and source code control systems.
Strong database background and experience with Oracle or MS SQL Server.
Experience in developing, deploying REST API or SOAP based Web Services for application integration services.
Experience with PKI, Hardware Cryptographic Modules
Expert technical skills related to analysis and design techniques for batch, real-time, and online systems
Advanced knowledge and experience with application technologies implemented within delivery organization
Advanced skill in computer system validation including SOP development, implementation and adherence
Advanced Knowledge of hardware, software, telecommunications, operating systems, and applications.
Experience working with high volume, transactional, large capacity systems in a 24×7 environment.
Experience and knowledge of Agile practices.
Required Professional Competencies
Ability to take appropriate risks, using available data.
Ability to build synergy with a diverse team in an ever-changing environment
Anticipate downstream technical needs and steer architectural designs to appropriately factor in considerations.
Strong analytical skills to support independent and effective decisions.
Strong verbal and written communications skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter experts.
Highly skilled at designing and implementing multiple tier architecture solutions, developing high-performance and secure systems and system integration
Work effectively with management, project managers, business analysts, developers, engineers, architects, system administrators, and QA to conceive, design, and deliver successful software solutions.
Able to operate at varying levels of abstraction including business and product strategy, design, and implementation
Required Leadership Experience and Competencies:
Provide leadership, promote teamwork, meet objectives, and exercise independent judgment
Experience leading and implementing projects and working collaboratively with other departments levels
Ability to prioritize tasks and work with multiple priorities, sometimes under limited time constraints
Preferred Job Skills
Knowledge of HIPAA security and privacy standards.
If you are interested in this opportunity, please send us your resume, availability to interview and salary requirements immediately. If you are not and know of someone that qualifies or is looking for opportunities, please forward their contact information. We compensate for referrals that are successfully placed.