Application Development Security
Job Description Duties Systematically address application security issues and develop secure coding practices for multiple development teams Integration of application authentication, encryption, authorization, and access control Provide mitigation strategies for applications from infrastructure, architecture, and secure coding perspectives Utilize application security scanning tools such as IBM AppScan to interpret reports and validate identified vulnerabilities and associated risks Utilize source code scan tools such as Fortify, or Checkmarx to assist NLM application teams to apply the best practice for application security and catch potential vulnerabilities at early stage. Proactively work with team members to address security and compliance issues Provide education and assistance to application developers for applying Security Software Development Life Cycle Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle Position Requirements A Bachelor's degree in Computer Science OR related engineering field with training in software security Strong software engineering background with extensive experience working in complex enterprise environments implementing software development lifecycles Extensive experience in addressing web application security issues, such as those outlined in OWASP Top 10 Strong knowledge of application security throughout the software lifecycle Experience developing secure coding practices with Java, ColdFusion, Python/Django, and PHP Strong knowledge and experience in securing an application's integration with relational database management systems such as Oracle Experience using Tenable Security Center and validating identified vulnerabilities Proven ability to ensure applications are secure throughout the software lifecycle Ability to perform manual and automated testing to identify vulnerabilities such (BurpSuite Pro, Fiddler, Netsparker, etc.) Knowledge of security in both Linux and Windows environments as it pertains to Web application hosting, middleware (Apache, Tomcat, PHP, ColdFusion, Ajax), and databases (Oracle, MySQL, MS SQL Servers) Demonstrated experience implementing application firewall rules (such as F5 ASM, iRules, and/or Apache ModSecurity) as compensating controls to protect Web applications Software Security Certifications, such as Certified Secure Software Lifecycle Professional (CSSLP) is a big plus Excellent communication skills including presentation and documentation. Strong capability in evaluating application security related products Company Description LIFE AT QUOTIENT Quotient Inc. is committed to providing the best possible working environment for its employees. "Have felt truly welcomed and supported since day 1 from all levels in the company." Current Employee, Software Applications Developer "A great company with a strong emphasis on excellence!" Current Employee, Junior Developer "Very bright group of people to work with, offers a challenging environment to be a part of, and an environment where you can support multiple things at once without getting burnt out (as opposed to getting boxed in at a larger company/project)." Current Employee, Software Applications Developer "An advantage of working for a company this size, is that they actually listen to their employees. If you want to work for a company that cares, work for Quotient."