Senior Application Security Specialist

LLoydIT  •  Newark, NJ and New York, NY

5 - 7 years experience  •  Information Services

$100K - $120K
Posted on 03/06/18 by Brian Green

Senior Application Security Specialist

Location: NJ, NYC or Long Island  Type: Full-time staff position

Position your career with a leading financial services organization that has made major investments in growing its Security technology teams.

The ideal candidate will have security expertise in the following:

• Expertise in common web technologies and frameworks

• 5+ years of hands-on Application Security experience

• Deep understanding of OWASP testing methodologies

• Penetration testing, vulnerability assessments

• Knowledge of multiple programming languages and databases

The Sr. Application Security Specialist will perform security assessments of web-based applications including code review, vulnerability assessments, and penetration testing.

Other responsibilities:

• Conduct application vulnerability scans and manual penetration testing on applications.

• Conduct source code scans and manual code review on application code.

• Formulate finding details outlining vulnerabilities, potential impact and recommended remediation.

• Interact directly with development teams to review findings and provide code-level remediation advice.

• Provide leadership and mentorship for security initiatives and mentor junior team members.

Seeking the following Qualifications:

Bachelor or higher degree in Computer Science, Computer Engineering, or similar discipline.

5+ years of hands-on Application Security experience.

Expertise in common web technologies and frameworks.

Deep understanding of application security weaknesses and vulnerabilities, remediation and mitigation techniques, and secure coding practices.

Deep understanding of manual testing tools (e.g., Burp Suite, browser plugins, bespoke scripts) and methods.

Comprehensive knowledge of automated application security scanning tools such as HP WebInspect and Fortify, or similar commercial solutions and toolsets.

Deep understanding of OWASP testing methodologies. 

Comprehensive knowledge of multiple programming languages - .ASP, .NET, Java, C#, etc.

Comprehensive knowledge of databases -- Oracle, Microsoft SQL, DB2, etc.

Excellent communication skills; oral and written English language skills are critical.

Willingness to learn, discover, experiment, and test for vulnerabilities.

Ability to adapt to changing technology environments and requirements.

Know the latest on new software platforms.
