Icon hamburger
US
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply Now
Thumsup

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
I2p2hf6w10t2xm32vys

Application Security Engineer

E Business Staffing, Inc. Dallas Contractor
$62.00 - $68.00 / hour
Apply Now

Job 25838 for a 12 mos. contract, it could be extende.


Must be able to be on our direct payroll, and must be able to interview in Dallas, TX for the second round of the interview process.  


The Application Security Engineer will be a part of the Cybersecurity Team focused on general application security, DevSecOps principles, and code quality. The Cybersecurity Team works with application development teams to ensure technology security and vulnerabilities are addressed and remediated throughout the system development life cycle (SDLC). As a senior member of the team, your focus will be building and maintaining relationships with different business units, influencing and injecting secure ideas into the roadmap, promoting best security practices, solving world-class security challenges, and pushing your engineering knowledge and expertise while continuously penetration testing our compute ecosystem.

Five member cross-functional Team consisting of Senior and Principle engineers with diverse background, cultures, and experience. Team operates in an Agile Scrumban method and works directly with application development teams. Will be instrumental in defining and implementing Application Security and DevSecOps strategies for our client in Dallas, TX

• 5+ years in application penetration testing
• 5+ years in software development
• Ability to work in a highly collaborative and dynamic, cross-functional team
• Conduct application security assessments and penetration tests (web, mobile, web service, etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools and/or code review tools
• Perform threat models and risk assessments to characterize the risk and severity posture of large-scale commercial or in-house enterprise applications
• Experience programming and scripting and ability to develop or adapt custom tooling to solve new needs
• Experience performing baseline static/dynamic application security assessments (SAST/DAST) on new applications and changes to applications
• Write a security assessment and application threat profile reports
• Maintain partnerships with application development teams, participate in corrective action plans for identified issues
• Articulate risk and business impact to stakeholders
• Provide on-the-job training and mentoring to other members of the team
• Track and research the latest developments in vulnerability research
• Strong understanding of vulnerabilities, common attack vectors and how to resolve them
• Attacker mindset: ability to think about creative threats and attack vectors
• Well-rounded background in host, network and application security
• Familiarity with cloud platforms (preferably AWS)
• Experience with Agile Practices like Scrum, Kanban, CI, CD preferred

Preferred
• DevSecOps knowledge of areas such as tools/capabilities, monitoring, scripting, and metrics preferred
• Experience delivering secure application development and application security testing training
• Familiarity with OAuth2.0 and OpenId Connect protocols
• Working knowledge of industry and commonly adopted secure standards, practices (e.g. applicable NIST standards, CIS, ISO, OWASP, SANS, BISMM, and CERT) 
• Certifications (Certified Ethical Hacker (CEH) GIAC Penetration Tester (GPEN) GIAC Certified Forensic Examiner (GCFE)), training on hands on exploit development are plus 
• Administration experience with any of the following: Nessus, Rapid7, Burp Suite, Metasploit and other scanning and analysis solutions.
• Airline or travel industry experience a bonus

Skills required

Intrusion Detection And Prevention
Network Security
Microsoft Antivirus
Wireshark
Authentications
Public Key Infrastructure
Apply to this job.
Think you're the perfect candidate?
Apply Now

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

CAREERBUILDER TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.