Application Security Engineer (W2)

Hi,

The following requirement is open with our client.

Title                                      : Application Security Engineer (W2)

Location                              : Fort Mill, SC (Onsite)

Duration                              : 12+ Months 

Relevant Experience (in Yrs.): 6+

Rate:                                       $60/hr on W2

Job Description:

• ·         Application security Pen tester profile with some experience in development
• ·         Competencies: 4-6+ years experience
• ·         Digital : Python
• ·         Digital : Node.js
• ·         Digital : ReactJS
• ·         Security Testing
• ·         ASP.NET 4.5
• ·         Essential Skills:
• ·         *** Application security Pen tester profile with some experience in development
• ·         Technical Skills Strong understanding of internet architecture.
• ·         Skilled in security testing (SAST, DAST, SCA, OWASP Top 10).
• ·         Ability to verify vulnerabilities and manual testing.
• ·         Familiar with security platforms (Checkmarx, AppScan, Fortify, Veracode, etc.).
• ·         Experience with web services, JSON, and API testing.
• ·         Conducting vulnerability assessments and communicating security issues.
• ·         Proficient in programming (.NET, C, C, Java, Python).
• ·         Knowledge of OOP concepts and JavaScript (Node, React).
• ·         1-3 years of web development experience (HTML, ASP, ColdFusion, JSP, Node.js, React).
• ·         Knowledge of pipeline integration and source code management (Jenkins, GitHub, etc.).
• ·         knowledge of relational databases (SQL Server, MySQL).
• ·         Ability to write and understand SQL.
• ·         Basic knowledge of Azure.
• ·         Role Description:
• ·         Responsibilities Schedule and perform regular application tests.
• ·         Conduct penetration tests on important software and systems.
• ·         Test changes before they go live.
• ·         Analyze and validate vulnerabilities.
• ·         Track and report testing activities.
• ·         Present findings to stakeholders.
• ·         Maintain dashboards for vulnerabilities.
• ·         Improve asset management processes.
• ·         Enhance threat modeling.
• ·         Review source code and identify duplicates.
• ·         Use security testing tools (e.g., Fortify, Burp Suite).
• ·         Automate security scans and integrate with CICD pipelines.
• ·         Collaborate with developers to improve security practices.
• ·         Support incident response and investigations.
• ·         Perform various security tests (penetration, purple team, red team)
• ·         Technical Skills Strong understanding of internet architecture.
• ·         Skilled in security testing (SAST, DAST, SCA, OWASP Top 10).
• ·         Ability to verify vulnerabilities and manual testing.
• ·         Familiar with security platforms (Checkmarx, AppScan, Fortify, Veracode, etc.).
• ·         Experience with web services, JSON, and API testing.
• ·         Conducting vulnerability assessments and communicating security issues.
• ·         Proficient in programming (.NET, C, C, Java, Python).
• ·         Knowledge of OOP concepts and JavaScript (Node, React).
• ·         1-3 years of web development experience (HTML, ASP, ColdFusion, JSP, Node.js, React).
• ·         Knowledge of pipeline integration and source code management (Jenkins, GitHub, etc.).
• ·         knowledge of relational databases (SQL Server, MySQL).
• ·         Ability to write and understand SQL.
• ·         Basic knowledge of Azure.
•  

Must-Have Skills:

• ·         AppSec
• ·         OWASP
• ·         Fortify
• ·         Python
• ·         DevSecOps

Grace

Technical Recruiter |ASCII Group LLC. 

Email:  |Direct:

38345 W. 10 Mile Rd, Ste.#365; Farmington, MI 48335