Previous Job
Application Security Engineer
Ref No.: 17-10182
Location: New York, New York
Position Type:Right to Hire
Start Date: 10/23/2017

Title: Application Security Engineer
Start Date: ASAP
Location: New York, NY or VA
Length: Contract to hire (3-6 months)
Interview process: F2F
Rate: DOE


As An Application Security Engineer, You Will
  • Provide insight into the latest application security vulnerabilities and exploits
  • Conduct manual security assessments against web applications and apis across a variety of technology stacks
  • Perform periodic penetration tests against multiple targets
  • Provide guidance on prioritization and remediation of security issues
  • Provide guidance on secure SDLC implementation
  • Develop security tools and research security automation
  • Mentor development teams through training and round tables
  • Review application design for potential security considerations
  • Perform threat models of new and existing applications

Qualifications For Success
  • Development Experience
  • Knowledge of Agile Methodology
  • Familiar with application security tools: BurpSuite Pro, SAST, DAST, nmap, Metasploit, Kali Linux
  • Familiar with Java and Spring Framework
  • Familiar with conducting a threat model
  • Crafting Proof of Concept Exploitation for discovered vulnerabilities or security issues
  • Bachelor's Degree in technical/computer science discipline and 3-10 years of experience required

Nice-to-haves (not Required)
  • Familiar with Python, Ruby, R, Django, and Scala
  • Network or Information Security expertise
  • CEH, GWAPT, or OSCP certifications
  • History of contributing to open source projects
  • History of public speaking on security topics