Principal Security Consultant, Application Security

Job Description


If you have multiple years of application security assessment experience, enjoy
the challenge of working with customers to analyze, identify, and report
application vulnerabilities, and are eager to become part of the leadership team of
a growing consulting practice, then we have the opportunity for you!



This position:
Is focused on providing application security consulting services, including, but not limited to, automated and manual run-time assessments, automated and manual code reviews, application threat modeling, and secure SDLC review and development services.
Requires excellent written and verbal communication skills and demonstrated technical depth and breadth of expertise in security, programming, and application vulnerabilities.
Provides the opportunity to participate in multiple aspects of the consulting role, such as services delivery, training, pre-sales, requirements collection, and project scoping.

Job Requirements

A minimum equivalent of experience and/or education that would provide the relevant knowledge and abilities to perform the type of work described herein.
Education: Achievement of a relevant Bachelor’s Degree or equivalent years of relevant coursework, training, and experience in programming, networking and security fundamentals, application security, and database security.
Experience: More than seven years of relevant Application Security experience, including web and mobile application security assessments, source code analysis, enterprise application development, application security vulnerability research, analysis and consulting, and vulnerability management, mitigation, and remediation.
Expert knowledge of automated application security scanning tools such as IBM AppScan and AppScan Source, HP WebInspect and Fortify, or similar commercial solutions and toolsets
Expert knowledge of manual assessment tools such as HTTP Proxies (Burp Suite Pro, Webscarab, Spike), browser plug-ins (Web Developer Toolbar, Firebug), automation scripts (Perl/Python), fuzzers (w3af, Peach), or similar commercial and open source tools
Expert knowledge of application security assessment and code review methodologies
Expert knowledge of application security vulnerabilities, remediation and mitigation techniques, and secure coding practices
Working knowledge of object oriented programming and design fundamentals
Expert knowledge of web technologies (.ASP, .NET, Java)
Working knowledge of Application Security Maturity Models (OpenSAMM, MS SDL)
Experience with business and functional requirements collection
Experience in providing technical oversight over other project team members to maintain engagement quality
Experience in delivering security awareness training
Experience in speaking or presenting at national and local security conferences and events, or equivalent thought leadership activities
Working knowledge of networking, network design, and network security
Exposure to a range of security products such as Authentication, Firewalls, and Intrusion Detection and Prevention Systems
Strong leadership and organizational
Excellent written and verbal communication skills
Excellent facilitation skills and ability to lead group discussions
Experience in mentoring and coaching
Ability to lead teams under demanding circumstances to accomplish project team objectives
Strong analytical skills to troubleshoot technical problems and determine resolution
Advanced Technical Degrees
Certification (OSCE, CISSP, SANS)
Although FishNet Security has attempted to accurately and thoroughly describe this
position, we reserve the right to change, add to or subtract from the duties
outlined, within the sole discretion of FishNet Security, at any time, with or
without advance notice.
We are an equal opportunity employer.  We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other protected characteristics. 

Job Snapshot

Post Date: 8/20/2014
Location: Miami, FL
Employment Type: Full-Time
Job Type: Consultant, Professional Services
Education: 4 Year Degree
Experience: Not Specified
Manages Others: Not Specified
Industry: Other Great Industries
Required Travel: Not Specified
Job ID: 2013-1970