Copyright Identify Security 2016 ©

Identify Security is a niche IT recruiting firm that was created to improve the efficiency of applying highly talented IT professionals to solve technology and security related business challenges.

414.773.0633

[email protected]

Application Security Consultant

The successful candidate will perform application security assessments, code reviews, and Software Development Life Cycle (SDLC) security consulting in a customer environment. The candidate will be responsible for identifying specific and systemic security issues within applications and the application development and lifecycle maintenance process, and will also be a resource for the client in establishing and expanding the base of client knowledge in the area of application security.

Projects May Include:

  • Performing application vulnerability and security assessments
  • Performing application security risk assessments
  • Performing code review across a variety of programming languages
  • Performing assessments of SDLC processes
  • Developing testing scripts and procedures
  • Developing and delivering application security training and outreach
  • Creating gap analysis and client improvement program recommendations
  • Other security-related projects that may be assigned according to skills

Successful Candidates Will Possess Some or All of These Qualifications:

  • Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
  • Application security experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
  • Experience leading software development projects
  • Experience with threat modeling and security risk assessment
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
  • Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP, Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
  • Familiarity with interactive and automated penetration testing

Required Technical and Professional Expertise:

  • Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
  • Application security experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
  • Experience leading software development projects
  • Experience with threat modeling and security risk assessment
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
  • Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP, Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
  • Familiarity with interactive and automated penetration testing

Position Overview