Security Application Engineer

Seattle (Bellevue, WA)

Long Term Project

Need GC and USC

Must have IBM App Scan, Fortify, BURP Suite, Kali Linux, SOAP UI, Application Test, Penetration Test expertise

Top Three Skills:

1) IBM App Scan

2) Web Services Tools (SOAP UI, BURP Suite, Kali Linux)

Job Description:

Security team is seeking an enthusiastic Security Application tester who will test applications for security compliance. The successful candidate will have experience with Enterprise Applications and Information Security. The scope of applications to be tested are software that are used to run its business, not software which is sold or provided to end customers. The type of applications range from web services to line of business applications to mobile or cloud applications. Candidates will be responsible for insuring all applications meet enterprise minimum security specifications and escalate for potential deviations when they do not. Being able to communication clearly, establish partnerships with team members and stakeholders as well as potentially offload portions of the work to staff augmentation resources will be required.

Essential Functions

• Perform security, compliance, and risk assessments on projects throughout project lifecycle using sdlc, waterfall or rup methodologies

• Support information security review of new technologies, designs, and remediation planning efforts

• Investigates and identifies security needs & recommends plans/resolutions. Implements, tests & monitors info security improvements.

• Maintain visibility inside & outside of info security, interfacing with groups such as billing ops, application support, engineering ops, finance, legal, privacy, risk management, etc.

• Support info security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance

• Supports security projects driven by groups both internal and external to info security

• Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews

• Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them

• Solid understanding of Information Security in general and the specific behaviors that would secure Intel's information assets

• Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people

• Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges

• Ability to work well inside and outside the team. Exchanging ideas, knowledge, experience and thoughts can boost the quality and the efficiency of the solution, so great testers must always be eager to coordinate well with their team members and other teams as well.

• Great stakeholder management skills and experience due to the escalation process

If you are interested in the below position please forward your profile to preethib@usmsystems(dot)com or call me on 703 468 0398.