Security Engineer

Employer
Zolon Tech Solutions Inc
Location
Owings Mills, MD
Posted
May 22, 2019
Closes
May 24, 2019
Ref
107449519
Hours
Full Time
Responsibilities Perform and analyze Static, Dynamic, and manual code testing to evaluate the security of new and existing code Work with application development teams to identify remediations to vulnerabilities identified, and track vulnerabilities to remediation Develop processes and procedures for secure coding practices and testing Assist with building automated security testing into the application build and change process Communicate progress, updates, and any obstacles or support requirements to Infosec leadership Requirements A minimum of 3 years proven experience with application security testing In-depth knowledge of Java, JavaScript, and Python Ability to perform dynamic scans and find low-hanging fruit, including SQL injection and Cross-Site Scripting, Cross-Site Request Forgery, and spot Sensitive Data Exposure Ability to review source code to check for logical errors and flaws in the design and architecture Understanding of and ability to find security issues such as authorization, authentication and data validation errors Knowledge of secure coding and application security standards, such as OWASP Familiarity with common compliance requirements such as FISMA, HIPAA, and PCI Experience with integrating security into DevOps environments and CICD pipelines. Experience with automation such as Cloud Formation, Chef, Puppet, or Ansible a plus Familiarity with RDBMS and SQL from a security perspective Ability to translate functional and technical business requirements into secure technical implementations Knowledge of network based, system level, and application layer attacks and mitigation methods is a plus Familiarity with Authentication, Authorization, and Federation, such as AD, OAuth, SAML, as well as PKI and Certificate-based authentication is a plus. Skills A minimum of 3 years proven experience with application security testing In-depth knowledge of Java, JavaScript, and Python Ability to perform dynamic scans and find low-hanging fruit, including SQL injection and Cross-Site Scripting, Cross-Site Request Forgery, and spot Sensitive Data Exposure Note Since interviews are conducted through Phone and in-person, you must be able to interview at your own expense for in-person interview at Owings Mills, MD area.

Similar jobs