A consumer-facing financial services application company which helps its users establish financial independence is expanding their Application Security team! They are looking for a Application Security Engineer who has notable experience providing security guidance and contribute across the product and engineering teams.
Candidates will be tasked with automating the security testing to improve the SDLC workflow and help write secure services and applications across the organization. Additionally, candidates will need to perform vulnerability testing, risk analysis, and security assessments across the infrastructure.
You must have a solid understanding of testing for the OWASP Top 10, and be able to breakdown Security to both Developers and Management. Required Skills & Experience
Desired Skills & Experience
- 6+ years as a Security Engineer with a strong emphasis on Application Security and Penetration Testing (Java)
- 6+ years working with tools such as Kali Linux, Burpsuite, Netsparker, Acunetix, Nessus, etc.
- 6+ years working with Application Security tools such as Arxan, Burpsuite, Appscan, NetSparker, Nessus, Hailstorm, etc.
- OWASP, PCI, HIPAA
- Strong Risk Management background (Nessus, Qualys)
- SIEM Engineering (Splunk, QRadar)
- Incident Response
- Prior software development experience (Java)
What You Will Be Doing
- Bachelor's Degree in CS
- 60% Dynamic Application Security Testing
- 40% Vulnerability and SIEM
- 80% Hands On
- 20% Management Duties
- Competitive Salary: Up to $175,000 /year, DOE
You will receive the following benefits:
- Medical Insurance & Health Savings Account (HSA)
- Paid Sick Time Leave
- Pre-tax Commuter Benefit
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.