Application Security Engineer

The Application Security Engineer will interface with the Business Group information security and application leaders to provide timely security assessments, reporting, guidance and assist with remediation.

Required Experience:

5

+ Years
Job Locations:

Roswell, GA

Location Restrictions:

Onsite

Basic Qualifications and

Thesuccessful candidate will perform application security assessments, codereviews, and Software Development Life Cycle (SDLC) security consulting in acustomer environment. The candidate will be responsible for identifyingspecific and systemic security issues within applications and the applicationdevelopment and lifecycle maintenance process, and will also be a resource forthe client in establishing and expanding the base of client knowledge in thearea of application security.

Responsibilities

     •    Performing application vulnerability and security assessments
     •    Performing application security risk assessments
     •    Performing code review across a variety of programming languages
     •    Performing Assessments of SDLC processes
     •    Developing testing scripts and procedures
     •    Developing and delivering application security training and outreach
     •    Creating gap analysis and client improvement program recommendations
     •    Other security-related projects that may be assigned according to skills
     •    Work with third-parties to coordinate and/or conduct penetration exercises


Required Skills and Experience

  Bachelor’s Degree

     •     Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
     •     Application security experience with high level programming languages (e.g., Java, C, C++, .NET, C#, Python)
     •     Experience leading software development projects
     •     Experience with threat modeling and security risk assessments
     •     Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP, Webinspect, Accunetix, BurpSuite Pro)
     •     Experience in manual penetration testing
     •     Basic knowledge in OWASP tools and methodology
     •     Experience with network and web application pen testing
     •     Preferred, but not required, to be certified in CISSP, CEH, GPEN, and/or CSSLP

Interested in this position?
Fill out the form below!