
Sr Security Consultant, Application Security

Job Description

Overview:

CANDIDATES CAN LIVE ANYWHERE IN THE CONTINENTAL U.S.



If you have multiple years of application security assessment experience and enjoy the challenge of working with customers to analyze, identify, and report application vulnerabilities, then we have the opportunity for you!



Responsibilities:

Is focused on providing application security consulting services, including, but not limited to, automated and manual run-time assessments, automated and manual code reviews, application threat modeling, and secure SDLC review and development services.


Requires excellent written and verbal communication skills and demonstrated technical depth and breadth of expertise in security, programming, and application vulnerabilities.


Provides the opportunity to participate in multiple aspects of the consulting role, such as services delivery, training, pre-sales, requirements collection, and project scoping.

Job Requirements

REQUIRED EDUCATION/EXPERIENCE:

A minimum equivalent of experience and/or education that would provide the
relevant knowledge and abilities to perform the type of work described herein.


Education: Achievement of a relevant Bachelor’s Degree or equivalent years of relevant coursework, training, and experience in programming, networking and security fundamentals, application security, and database security.


Experience: Five to eight years of relevant Application Security experience, including web and mobile application security assessments, source code analysis, enterprise application development, application security vulnerability research, analysis and consulting, and vulnerability management, mitigation, and remediation.

REQUIRED SKILLS/KNOWLEDGE:


Working knowledge of automated application security scanning tools such as IBM AppScan and AppScan Source, HP WebInspect and Fortify, or similar commercial solutions and toolset


Working knowledge of manual assessment tools such as HTTP Proxies (Burp Suite Pro, Webscarab, Spike), browser plug-ins (Web Developer Toolbar, Firebug), automation scripts (Perl/Python), fuzzers (w3af, Peach), or similar commercial and open source tools


Working knowledge of application security assessment and code review methodologies


Working knowledge of application security vulnerabilities, remediation and mitigation techniques, and secure coding practices


Working knowledge of object oriented programming and design fundamentals


Expert knowledge of web technologies (.ASP, .NET, Java)


Exposure to Application Security Maturity Models (OpenSAMM, MS SDL)


Experience with business and functional requirements collection


Strong leadership and organizational skills


Excellent written and verbal communication skills


Excellent facilitation skills and ability to lead group discussions


Experience in mentoring and coaching staff


Ability to complete assigned tasks or projects with limited supervision


Ability to work under demanding circumstances and accomplish objectives


Strong analytical skills to troubleshoot technical problems and determine resolution

PREFERRED SKILLS/KNOWLEDGE:


Advanced Technical Degrees


Certification (OSCE, CISSP, SANS)


Ability and experience in delivering security awareness training


Experience in speaking or presenting at national and local security conferences and events


Working knowledge of networking, network design, and network security


Exposure to a range of security products such as Authentication, Firewalls, Intrusion Detection and Prevention Systems

Although FishNet Security has attempted to accurately and thoroughly describe this position, we reserve the right to change, add to or subtract from the duties
outlined, within the sole discretion of FishNet Security, at any time, with or
without advance notice.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.




Job Snapshot

Post Date 3/24/2014
Location Boston, MA
Employment Type Full-Time
Job Type Consultant, Professional Services
Education 4 Year Degree
Experience Not Specified
Manages Others Not Specified
Industry Other Great Industries
Required Travel Not Specified
Job ID 2013-1969