Application Security Engineer

  • Contract

Company Description

Jobsbridge

Job Description

• 5 years of relevant experience (8+ years preferred):

o Writing and reviewing code with colleagues, each with different priorities, backgrounds, and abilities, in several of: PHP, MySQL, AJAX, Java, Python, HTML/JavaScript, Perl, Scala, Node.js, Ruby, C++, C#, SQL, Delphi, and/or .NET

o Unix or Windows shell scripting

o Black-box security testing, vulnerability scanning, and penetration testing

o Security code review

o Static Analysis Security Testing (SAST)

o Dynamic Application Security Testing (DAST)

o Mobile application security (iOS, Android, others)

o Threat/attack modeling

• Strong HTML/XHTML, JS and CSS skills preferred

• Experience developing in an Agile methodology desirable

• Solid administrative experience in both UNIX and Windows environments a plus

• Experience with web application firewalls preferred

• Experience with IDS/IPS signature development desirable

• Experience with crawlers, parsers, and web services a plus

• Experience in a highly technical, hands-on environment preferred


Knowledge, Skill, Abilities:

• Strong knowledge of secure development practices

• Deep knowledge of common web application vulnerabilities (e.g. XSS, CSRF, clickjacking) and their mitigation strategies

• Knowledge of system security vulnerabilities and remediation techniques

• Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

• Knowledge of security across multiple disciplines (data, database, operating system)

• Strong understanding of threat modeling and security methodologies

• Familiarity with protocol analysis methods and cryptography

• Excellent English communication skills

• Ability to interact professionally with senior leadership and articulate key messages to a range of technical and non-technical audiences

• High degree of self-sufficiency, ownership, and pride in deliverables

• Strong background in fundamental information security concepts required

• Strong analytical skills


Qualifications

Skills: TCP/IP, UDP, IPSEC, HTTP, HTTPS