Sr. Application Security Engineer

Bridge Technologies and Solutions

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in security, specifically within Vulnerability Management and Application Security.
  • Proficient with commercial application scanning tools like Acunetix, IBM's AppScan, and Burp Suite.
  • Familiarity with web technologies including XML, SOAP, AJAX, and various web frameworks (ASP.NET, J2EE, Zend).
  • Knowledge of web server configurations such as Microsoft IIS and Apache servers.
  • Experience with application-level attacks and bypassing security measures.
  • Ability to conduct secure code reviews using automated tools and provide insights on vulnerabilities.
  • Relevant certifications: CISSP, CEH, GWAPT, GPEN, OSCP.

Responsibilities

  • Conduct vulnerability assessments and manage Application Security initiatives.
  • Utilize application scanning tools to identify security gaps in applications.
  • Review and analyze web applications for vulnerabilities following OWASP Top 10 guidelines.
  • Collaborate with development teams to remediate identified security flaws.
  • Build and enhance automated toolsets for improved vulnerability analysis.
  • Perform secure code reviews and suggest remediation practices.
  • Stay updated with emerging threats and security technologies.

Benefits

  • Opportunity to work in a dynamic environment focused on security best practices.
  • Access to cutting-edge tools and technologies in application security.
  • Professional development opportunities including training and certifications.
  • Collaborative team culture that values security contributions and innovation.
  • Flexible work arrangements to support work-life balance.
Full Job Description
We need a resource who has experience working within a Vulnerability Management Program that understands Application Security with 5-7 years of security experience. • Experience with any of the following commercial application scanning tools such as Acunetix, IBM's AppScan, Client's WebInspect, NTOSpider, Cenzic's Hailstorm, Burp Suite Professional • Understanding of Web Services technologies such as XML, SOAP, and AJAX • Understanding of various web application frameworks such as ASP.NET, J2EE, Zend • Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat • Experience in application level attacks, bypassing firewalls, evading intrusion detection • Experience building automated tool sets or expanding existing toolset libraries • Secure code review experience using automated toolsets • Software Engineering career experience • Following Certifications: CISSP, CEH, GWAPT, GPEN, OSCP • Thorough understanding of software vulnerabilities • Knowledge of OWASP Top 10, SANS Top 25, CWE, WASC • Ability to demonstrate understanding of vulnerability remediation • Familiarity with malicious code identification and common hacker attack techniques • Ability to research and reproduce vulnerability exploitation • Understanding of advanced cryptographic concepts. • Ability to demonstrate manual testing experience including all of OWASP Top 10. Qualifications Skills Required • Excellent problem solving and analytical skills • Superior oral and technical writing communication skills • Independence, self-managed, and motivated • Knowledge of the Software Development Lifecycle in an enterprise environment • Programming experience in two of the following languages: C#, Java, Python, Ruby Additional Information

Similar Jobs

More Jobs at Bridge Technologies and Solutions

More Information Technology Jobs

Find similar Sr. Application Security Engineer jobs: