- Work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile and more
- Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
- Create threat models that result in more secure application design
- Design and develop security testing scenarios
- Analyze and present results of testing to team members, managers and customers
- Write detailed problem reports, test plan documents, and mitigation recommendations as needed
- Develop tools to aid penetration test automation and effectiveness
- Review code for common security vulnerabilities
- Possible travel to client sites to conduct in-person security reviews and assessments
- Proactively Scan Perimeter network for vulnerabilities (Hosts, Ports, Applications, TLS)
- Monitor Application log files for active attacks (Develop Monitoring and Alerts for log systems)
- Keep adept on newly emerging threats and provide guidance and verify mitigations to these threats
- Be in an on-call rotation ready to provide incident response within 1 hour during work hours or 2 hours off hours
What we're really looking for, even if your resume doesn't say it, is someone versed and capable in one or many of the following areas:
- Penetration Testing and Ethical Hacking
- Dynamic and/or Static Code Analysis
- Software Development
- Interest in conducting security research
What we expect of our applicants:
NICE TO HAVES
- B.S. in Computer Science or related degree
- Minimum 5-years of experience in a technical role
- Completed CISSP, CISA, CEH, CAP, Security+, or a similar security certification
- Develop custom security tools to improve coverage and validate findings
- Work with Agile, GIT, and release planning
- Penetration testing methodologies, tools, and tactics such as Fuzzing, GDB, Burp, Nmap, OWASP, Metasploit, Sqlmap, dynamic/static analysis
- Penetration testing and white hat hacking
- Incident response for PCI-compliant systems in a large production environment (over 1,000,000 users)
These skills are not required, but if you have any of them, you are likely a good candidate for the position:
- Develop in Perl, Java EE, Python, and C/C++
- Develop on Linux and Windows platforms
- Enterprise services such as LDAP, SAML, API Gateways, secure web services
- Familiarity with Informix Database
- Participation in Bug Bounty programs
- Detail oriented and dependable
- Good sense of humor
Intrusion Detection And Prevention
Public Key Infrastructure
Based on Job Title, Location and Skills
Apply to this job.
Think you're the perfect candidate?
Help us improve CareerBuilder by providing feedback about this job:
Report this job
Report this Job
Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our
Trust and Site Security Team
Job ID: 2019-122
privacy and protection,
when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.
By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder
Terms and Conditions
for use of our website. To use our website, you must agree with the
Terms and Conditions
and both meet and comply with their provisions.
As an executive search and management recruiting firm, Dunhill Professional Search matches top talent around the nation with some of the best career opportunities out there. Our clients are in a variety of industries including: information technology, electronics manufacturing, defense, aerospace, energy, and health informatics. That means we have access to a variety of exciting opportunities. So whether you are an experienced professional or just getting started, we can help. With over 15 years of experience in federal contracting experience, we are also partnered with a number of federal contractors and have the knowledge in the space to help you transition to your next role whether you are interested in utilizing your security clearance, expanding your skillsets, or finding long-term stability.
View the full profile
Recognized for the integrity and ethics we provide to candidates and companies alike, we have become one of the nation’s finest executive search firms to partner with. Our experienced recruiters do more than just find you another job, they serve as your career agent and advisor.
From polishing resumes, to interview tips, or relocation assistance, you can count on us for the resources and guidance you need for a successful job search.
It’s time to start looking forward to Monday. Let us help you find the career that you deserve.
Join the Dunhill Professional Search Talent Network today and check out our current opportunities!