Friday, November 13, 2015

URGENT REQ:: Applications Security Engineer ll Wilmington, DE ll 6 Months+

 

URGENT HIRING FOR:::

 

Position Title: Applications Security Engineer 

Location: Wilmington, DE

Contract: 6 Months+

 

 

$DOE /Hr

Phone Then Skype           

 

MUST HAVE SKILLS:

 

Department: Technology

Reports To: Lead Security Solutions

 

Position Summary:

This role will be responsible for the Application Risk Program Management.  The individual will ensure the Security of all applications and systems running in the BCUS domain.  This includes understanding all existing web based (Java & .NET) and other third party applications running in the environment, reviewing security provisions of all new applications and major changes in the environment.  Penetration testing of various application systems on a regular basis is a required skill along with managing and reviewing the work of other testers including contract testers.  Reporting to Management on a regular basis through well-defined metrics is required.  This individual should have business acumen and detailed understanding of the Software development lifecycle.  Work with application development team leads to ensure application security is aligned with policy, security best practices and business needs

 

Essential Functions:

Experience and knowledge in a corporate environment with the following;

·         Support projects within the SDLC and Agile environments with applications security testing penetration testing and vulnerability management functions.

·         Perform Web / Mobile application security assessments and penetration testing on projects and/or releases; produce detailed risk reports with identified vulnerabilities and remediation recommendations.

·         Conduct static and dynamic code analysis as needed to support release cycles.

·         Work closely with development team during the envisioning and development process to guide secure design and secure coding practices.

·         Manage web application firewall through log analysis, system tuning and

·         Evaluate, track, and ensure compliance of high and critical vulnerabilities; develop, maintain and update scorecards to reflect vulnerabilities and communicate to end users.  

  • Implement security solutions, and provide technical leadership during the design, development, and testing phases of major initiatives.

 

Other Responsibilities:

  • All other related duties as assigned.

 

 

Knowledge, Skills, Education, Experience, and Competencies:

·         Knowledge of the software development lifecycle in a large enterprise environment including agile processes and practices.

·         Experience with performing manual and automated code review and develop/propose /enforce secure coding standards and policies.

  • Knowledge of in the OWASP top 10 and related exploitation techniques, including but not limited to cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systems.

·         Good Understanding of various web application architectures and web technologies ( Java, MS .NET etc.)

·         Experience in application firewalls, and intrusion prevention systems (e.g. Mod security) Experience with commercial application scanning tools (DAST) like IBM's AppScan, HP's WebInspect, etc.

·         Experience with commercial static analysis tools (SAST) like HP's Fortify, Klockworks etc.

·         In-depth knowledge of any proxying and/or fuzzing tools such as Paros, Burp, WebScarab, OWASP ZAP etc.

·         Familiar with WebServices technologies like XML, SOAP, and AJAX.

·         Understanding of server and client side application development  , Middleware software's (Oracle's WebLogic, IBM's WebSphere, Apache Tomcat )

  • Proficiency in utilization of information security tools such as Nmap, Nessus, Burp Suite, Kismet, and Metasploit; manual techniques to exploit vulnerabilities in networks and applications.
  • Industry security certifications preferred (CISSP, CISA, CCNA etc)

Desired Certifications:

  • Industry certifications preferred CEH, OSCP, GWAPT, LPT or ECSA
  • Additional certification desirable CSSLP and GSSP

 

 

Please reply with expected salary:

 

SKYPE ID:
Phone #:
Start Date Availability:
Degree Major (Name of Institution / Board, year of passing):
Two Time Slots for Interview:

 

 

 

Thanks & Regards,

 

HRIDESH

IDC TECHNOLOGIES INC | 1851 McCarthy Boulevard, Suite 116, Milpitas, CA , USA, 95035

 

Direct: 408-457-9381 Ext.:- 4061| Email: Hridesh@idctechnologies.com i web: www.idctechnologies.com


"Under Bill s. 1618 Title III passed by the 105th U.S. Congress this mail cannot be considered spam as long as we include a way to be removed from our mailing list. Simply send us an e-mail with REMOVE in the subject and we will gladly REMOVE you from our mailing list."

 

 

 

 

--
You received this message because you are subscribed to the Google Groups "US Jobs: Requirements, Clients and Consultants" group.
To unsubscribe from this group and stop receiving emails from it, send an email to recruiters-r-us+unsubscribe@googlegroups.com.
To post to this group, send email to recruiters-r-us@googlegroups.com.
Visit this group at http://groups.google.com/group/recruiters-r-us.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment

AddThis Smart Layers

Attention

The job offers on this web site are not related with jobs724.blogspot.com and the owner of the website. These job offers indexed by RSS feed from Google Groups about Online Job offers, Software Jobs, IT Jobs, Recruiters&Consultants, USA Jobs etc. This site does not reserve any rights to, nor claims copyright to, any software names listed on these pages. All references are copyright to their respective owners. If you want to apply for any job, you need to contact with the owner of job, not with any admins of jobs724.blogspot.com. If you have any doubts about legality of content or you have another suspicions, feel free to contact us.

Find the latest software jobs, Talent from US and Canada. ASP.NET, VB.NET, C#, ADO.NET, Consultamcy, ASP.NET, VB.NET, C#, ADO.NET, Consultamcy SAP, client-server, e-commerce and web development etc., SAP APO Green Card H1B, B1, JAVA J2EE, RMI, XML, weblogic, websphere JDBC

Stay Updated!

We have indexed IT job opportunities and counting! Don't miss any chance. Subscribe us and get the latest IT jobs listings to your inbox!

Jobs Archive