Job Details

ID #44701351
State Illinois
City Chicago
Job type Permanent
Salary USD $119,000 - $132,000 119000 - 132000
Source Request Technology, LLC
Showed 2022-08-08
Date 2022-07-19
Deadline 2022-09-17
Category Et cetera
Create resume

Applications Security

Illinois, Chicago, 60290 Chicago USA

Vacancy expired!

NO SPONSORSHIPApplication SecuritySALARY: $119k-$132k 8%-15% bonusSecurity Initiatives, Docker Containers and scripting. Vulnerability management and administration automated security scanning develop scripts and write containers troubleshoot developer issues applications penetration testing application vulnerability management CI/CD pipelines Docker Jenkins Github SVN Terraform JAVA C Python JavaScript OWASPThis position works closely with other members of the Security Services, IT Development Teams and Quality Assurance teams to support application and software security initiatives, projects, and operations. Responsibilities include integrating of security tools into the development pipeline using Docker containers and scripting, vulnerability management, and administration of automated security scanning tools to support the confidentiality, integrity and availability of enterprise applications.

  • Develop scripts and write containers to integrate Security tools into the development pipeline
  • Assist development teams with interpreting results from pipeline verification reports to facilitate vulnerability remediation
  • Troubleshoot developer issues with running security scans in the pipeline

Application Security Testing
  • Assist with application penetration testing
  • Assist with retesting vulnerabilities to verify the development teams have remediated
  • Review reports of the testing and conduct security risk assessment of the vulnerabilities
  • Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls.

Qualifications:
  • Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others.
  • Highly motivated individual that assumes ownership of their projects
  • Ability to act as a liaison between security and the development, IT, and QA teams.
  • Strong desire and capacity to learn and support new technical applications
  • Exceptional verbal communication skills that include the ability to articulate ideas clearly and concisely

Technical Skills:
  • Knowledge of scripting languages including Java, C, Python, JavaScript, Bash
  • Familiarity with application frameworks and their built-in security services and API’s (i.e., Sun J2EE, MS .NET, OMG CORBA, Spring, etc.)
  • Knowledge of security architecture design and principles including confidentiality, integrity and availability.
  • Knowledge of automated code scanning tools (i.e.,) and development pipeline tools (i.e.,)
  • Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (e.g. OWASP).
  • Familiarity with application authentication and authorization systems (i.e., CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP)
  • General knowledge of cryptography (symmetric and asymmetric encryption, digital signatures, message digests, certificates, PKI, SSL/TLS, etc.)
  • Fundamental understanding of network and data communications technologies
  • Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments
  • Knowledge of Secure DevOps concepts

Education and/or Experience:
  • Bachelors degree in Cybersecurity, Computer Science, Management Information Systems, or related field or the equivalent combination of education and/or relevant experience
  • Experience writing scripts and working with containers in a CI/CD pipeline
  • At least 3+ year experience in Security-related roles or equivalent training/knowledge of security best practices and OWASP and NVD
  • Experience with SDLC and working with business users, database analysts, system architects, etc., to identify and prioritize requirements
  • Exposure to security architecture design through application development or knowledge of security concepts/best practices
  • Previous work in development, architecture or quality assurance testing may be applicable to the position requirements.

Vacancy expired!

Subscribe Report job