Application Security Engineer

  • location: Arlington, VA
  • type: Contract
  • salary: $70 - $80 per hour
easy apply

job description

Application Security Engineer

job summary:
This position is within the Information Security Department, on the Threat Management team. The developer will be responsible for collaborating with application development teams, project managers and DevOps team members to improve the security of Company applications across the SDLC. The engineer will require a thorough knowledge of Agile SDLC methodologies and Secure DevOps practices. The position requires strong secure application development, testing and automation experience.

 
location: Arlington, Virginia
job type: Contract
salary: $70 - 80 per hour
work hours: 8 to 6
education: Bachelors
 
responsibilities:
  • Assist the Threat Management team in developing, maintaining and executing the Company application security program
  • Build and maintain integration between application security products, bug trackers and CI/CD tools
  • Work with application developers and DevOps groups to maintain a detailed inventory of all web applications
  • Coordinates and supports application assessments
  • Develops reportable observations, findings and recommendations to relay to application developers and IT leadership
  • Manage the lifecycle of vulnerabilities discovered during application security scans
  • Participate in Red Team activities and Internal Penetration Testing
  • Strong communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
 
qualifications:
  • Four (4) year degree in Computer Science or related field, or equivalent work experience.
  • Four (4) years of progressively responsible information systems and application security engineering experience that demonstrates an understanding of the required knowledge, skills, and abilities
  • Four (4) years of Node.js experience
  • Five (5) years of .NET development experience
  • Five (5) years of experience in HTML, CSS, JavaScript, and jQuery
  • Strong familiarity with OWASP Top 10 web vulnerabilities and how to engineer software to avoid them
  • Knowledge of and experience working in an Agile SDLC model
  • Experience working with DAST and SAST products, preferably IBM AppScan and Veracode
  • Experience integrating DAST and SAST capabilities into a CI/CD pipeline, experience with TeamCity preferred
  • Experience with a scripting language (Python, Ruby, Perl, etc.)
  • Experience working with third party security vendors
  • Strong proficiency in active listening and the ability to learn quickly
  • Ability to communicate technical security concepts to a diverse audience (written and verbal)
  • Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
  • Database Experience (DBA or security penetration testing)
  • Web Services Security Penetration Testing Experience
 
skills:
  • Four (4) year degree in Computer Science or related field, or equivalent work experience.
  • Four (4) years of progressively responsible information systems and application security engineering experience that demonstrates an understanding of the required knowledge, skills, and abilities
  • Four (4) years of Node.js experience
  • Five (5) years of .NET development experience
  • Five (5) years of experience in HTML, CSS, JavaScript, and jQuery
  • Strong familiarity with OWASP Top 10 web vulnerabilities and how to engineer software to avoid them
  • Knowledge of and experience working in an Agile SDLC model
  • Experience working with DAST and SAST products, preferably IBM AppScan and Veracode
  • Experience integrating DAST and SAST capabilities into a CI/CD pipeline, experience with TeamCity preferred
  • Experience with a scripting language (Python, Ruby, Perl, etc.)
  • Experience working with third party security vendors
  • Strong proficiency in active listening and the ability to learn quickly
  • Ability to communicate technical security concepts to a diverse audience (written and verbal)
  • Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
  • Database Experience (DBA or security penetration testing)
  • Web Services Security Penetration Testing Experience

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

easy apply

get jobs in your inbox.

sign up
{{returnMsg}}

related jobs


    Software Engineer

  • location: Chantilly, VA
  • job type: Temp to Perm
  • salary: $35 - $40 per hour
  • date posted: 9/17/2018