Senior Application Security Specialist
Location: NJ, NYC or Long Island
Type: Full-Time Staff position
Position your career with a leading financial services organization that has made major investments in growing their Security technology teams.
The ideal candidate will have security expertise in the following:
• Expertise in common web technologies and frameworks
• 5+ years of hands-on Application Security experience
• Deep understanding of OWASP testing methodologies
• Penetration testing, vulnerability assessments
• Knowledge of multiple programming languages and databases
The Sr. Application Security Specialist will perform security assessments of web-based applications including code review, vulnerability assessments, and penetration testing.
• Conduct application vulnerability scans and manual penetration testing on applications.
• Conduct source code scans and manual code review on application code.
• Formulate finding details outlining vulnerabilities, potential impact and recommended remediation.
• Interact directly with development teams to review findings and provide code-level remediation advice.
• Provide leadership and mentorship for security initiatives and mentor junior team members.
Seeking the following Qualifications:
Bachelor's or higher degree in Computer Science, Computer Engineering, or similar discipline.
5+ years of hands-on Application Security experience.
Expertise in common web technologies and frameworks.
Deep understanding of application security weaknesses and vulnerabilities, remediation and mitigation techniques, and secure coding practices.
Deep understanding of manual testing tools (e.g., Burp Suite, browser plugins, bespoke scripts) and methods.
Comprehensive knowledge of automated application security scanning tools such as HP WebInspect and Fortify, or similar commercial solutions and toolsets.
Deep understanding of OWASP testing methodologies.
Comprehensive knowledge of multiple programming languages - .ASP, .NET, Java, C#, etc.
Comprehensive knowledge of databases -- Oracle, Microsoft SQL, DB2, etc.
Excellent communication skills; oral and written English language skills are critical.
Willingness to learn, discover, experiment, and test for vulnerabilities.
Ability to adapt to changing technology environments and requirements.
Know the latest on new software platforms.