Job

Application Security Engineer

  • Location:

    Salt Lake City, UT

  • Sector:

    Technology, Cyber Security

  • Job type:

    Permanent

  • Salary:

    90k - 170k

  • Contact:

    Gerald Mitter

  • Contact email:

    g.mitter@hamlynwilliams.com

  • Job ref:

    HE-903

  • Published:

    about 2 months ago

  • Expiry date:

    2020-12-10

  • Startdate:

    ASAP

Primary Responsibilities:
• Performs static/dynamic code testing, manual code inspection, threat modeling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
• Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
• Serves as a Subject Matter Expert (SME) in web application security for enterprise projects during development phases to provide Information Security consulting and recommendations, ensuring the implementation of approved security requirements.
• Develops and implements manual and automated web application security testing of e-commerce web applications to enforce security standards.
• Works with security product vendors and service providers to evaluate security offerings, including product evaluations, proof of concept and pilot installations.

Qualifications:
• Bachelor's degree in Computer Science, Software Engineering or related field or equivalent combination of education and experience.
• 3-5 years of experience in performing penetration testing, secure code review, static, dynamic and manual source code review.
• Experience in identifying and remediating common web application vulnerabilities such as OWASP Top 10.
• Experience in use of various commercial and open source penetration testing tools and methodologies and performing penetration testing of web applications and operating systems.
• Familiarity with APT attack and kill chains.
• Experience with various code repositories including GitHub and Apache Subversion (SVN).
• Experience with continuous integration servers such as Jenkins and ElectricCommander.