Vacancy expired!
Hi Job Seekers, Hope you are doing great Currently, we have a job opening of Application Security Engineer with our client based out in Goodlettsville TN. If you are interested then please reply me with your updated resume to or call me at 9088540421 Responsibilities:
- Conduct security testing of web/mobile applications and web services/APIs, including source code security analysis (SAST) and dynamic (DAST) testing using a combination of commercial, open-source tools, and manual testing methods
- Perform security reviews of network infrastructure and endpoints hosted within the internal network as well as SaaS environments
- Adhere to best practice frameworks (e.g. OWASP)
- Use threat modelling tools to explore potential application, network, and infrastructure security-related threats
- Deliver timely and accurate security testing results to both technical and non-technical audiences
- Track and follow-up on remediation of identified security risks
- Act as liaison between application security teams, development teams, business units and vendors
- Provide subject matter expertise in security best practices and standards to ensure compliance with company security standards.
- Work closely with business units to determine work estimates and scope
- Propose and implement ideas to enhance and automate security-related processes
- Stay current on emerging technologies, products, and trends related to security solutions and testing techniques
- 3-5 Years Combined Experience in 2 or More of the Following:
- Web Application Security Testing
- Mobile Application Security Testing
- API Security Testing
- Network Penetration Testing
- Source Code Security Analysis
- DAST (e.g. Fortify WebInspect, Fortify WebInspect Enterprise, IBM AppScan)
- SAST (e.g. Fortify SCA, Checkmarx CxSAST)
- Development Collaboration Platforms (e.g. Fortify SSC, Gitlab, Jira)
- Web Proxy Tools (e.g. BurpSuite Professional / BurpSuite Enterprise, OWASP ZAP)
- Open-Source Testing Tools (e.g. Nmap, OpenSSL, Metasploit, SQLMap)
- Firewalls (Network, Host, and Web Application)
- Cloud Hosting
- Containerization
- DNS, Routing, and other Common Networking Principles
- Directory Services / Active Directory
- Web Server Platforms (IIS / Tomcat)
- API / Web Services
- PKI / Web Certificates
- Familiarity with Compiled/Scripting Languages (e.g. C#, JavaScript, Python, Java, Swift, Kotlin)
- Strong, effective written and oral communications skills
- Ability to clearly communicate pragmatic security risk and remediation recommendations to technical (e.g. developers) and non-technical audiences
- Ability to work independently with minimal supervision
- College degree in relevant fields or equivalent professional experience
- Software development background
- Active certification preferred (e.g. OSCP, OSWE, CSSLP, CISSP)
Vacancy expired!