Application Security Engineer

Boston, MA

Posted: 07/18/19

Category: Software/Application Development and Architecture

Job Number: 7739

Position Title: Application Security Engineer

Job Location: Boston, MA

Interview Expectations: Phone & in-person

Local Candidate: yes

2+ years of application security experience, including experience with application security vulnerability testing or penetration testing. Must have experience with penetration testing. Experience with Burp, ZAP or Nmap preferred.

 

Job Description:

 

We are currently looking for an excellent, well-rounded Application Security Engineer who can thrive on the challenge of supporting a newly built and constantly evolving application security program.

 

Responsibilities
  • Perform in-depth manual and automated application security assessments, threat modeling, and architecture reviews
  • Identify and implement improvements to application security practices
  • Work closely with product owners, developers, scrum masters, and quality assurance as needed
  • Maintain a vulnerability/remediation tracking database to accurately reflect the current status of our environment
  • Explain complicated vulnerability concepts to audiences at all levels

 

Skills You Will Need Here:

Required
  • Minimum 2 years of work experience in application security
  • Mastery of the OWASP Top 10, with deep knowledge of all other facets of application security vulnerabilities
  • Strong ethics and understanding of ethics in business and information security
  • Experience with application security tools such as Burp, ZAP, and Nmap
  • Experience with at least one major commercial vendor tool (Veracode, WhiteHat, Qualys, Black Duck, etc.)
  • The ability to explain complicated vulnerability concepts to audiences at all levels

 

Preferred
  • 4 years of work experience in application security
  • Bug bounties or responsible disclosure awards
  • Experience working in software development
  • Experience with application security scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, NTOSpider, Burp Suite Pro)
  • Experience with static code analysis tools (e.g., IBM AppScan Source, HP Fortify)
  • Experience with web application development (e.g., ASP.NET, ASP, PHP, JSP)
  • Security certifications (CEH, CISSP, OSCP, OSCE)

 

 

Nick DelSole
Technical Recruiter

Contact Nick today to learn more about this great opportunity!
