Cyber-Security Engineer

Primastep LLC
Washington, DC
Aug 18, 2019
Aug 20, 2019
Full Time
Job Location: Washington, DC
Job Type: Full-Time (Temp to Perm)
Clearance: US Citizenship
Pay: Up to 135K/yr (Depends on Experience)

The Cyber-Security Engineer will work with development teams to carry out Application Security reviews and compliance guidelines. This role ensures that adequate and effective security processes, controls, and lifecycles are followed and aligned to deliver application security best practices and frameworks in order to follow the security policy and regulatory requirements. The Application Security Engineer supports the information security and compliance program, establishing appropriate assessments, managing and tracking risk mitigation and remediation activities.

DUTIES AND RESPONSIBILITIES
- Perform threat modeling, vulnerability analysis, penetration testing, code review, and SDLC support
- Provide expert advice and consultancy to customers on risk assessment, threat modeling and fixing vulnerabilities
- Design, implement and support security-focused tools and services
- Write technical reports (e.g. based on findings, System Security Plans)
- Identify security vulnerabilities in applications
- Offer solutions to discovered vulnerabilities
- Suggest secure design techniques to management and customers to improve application security posture
- Prepare reports on project progress and present results to the customer and management
- Maintain current knowledge of relevant vulnerabilities and mitigation techniques

REQUIRED SKILLS
- 7+ years of experience in Cybersecurity
- CISSP certification; alternatively, GIAC Certified Web Application Defender (GWEB), GIAC Secure Software Programmer-Java (GSSP-JAVA), GIAC Web Application Penetration Tester (GWAPT), Certified Ethical Hacker (CEH), or Certified Secure Software Lifecycle Professional (CSSLP) could be considered
- 3+ years of experience in application security
- Working knowledge of NIST 800-53 rev. 4
- Experience in vulnerability testing and auditing
- Knowledge of secure development practices and techniques (e.g. OWASP Top Ten)
- Knowledge of and experience working with common Application Security Tools (e.g. Fortify, AppScan, WebInspect)
