Previous Job
Software Security Consultant
Ref No.: 18-16060
Location: Suite 200, Maryland
Required Skills :
OWASP Top 10, Client Fortify, Java, Application Security

Basic Qualifications :

Job Description :
Apex Systems is seeking an Application Security Consultant to provide support for one of our clients in the Finance Industry. This individual will join our client's newly formed Software Security Assurance Team, who has been tasked to protect information assets in support of their business objectives and in conformity with their policies.
Role: Application Security Consultant
Location: Columbia, MD

Bachelor’s degree in a related field and/or a minimum of 7 years of equivalent experience.
Experience performing software security architecture, design and requirements analysis for large-scale enterprise systems
Solid understanding of a variety of software security practices, secure code reviews, vulnerability scanning methods, threat modeling, security requirements analysis and architectural risk analysis
Expert knowledge in application vulnerability types, attack vectors and remediation approaches
Expert understanding of the IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS, PKI.
Familiarity with well-known application security sources and standards such as OWASP, WASC, NIST and CVE
Extensive applied knowledge with static and dynamic analysis tools and hacking tools
5+ years of enterprise software development experience. Java programming skills including knowledge of JSSE and other security features is preferred. Experience with NET/ASP/C# also a plus.
Background in mobile application development (Objective C, HTML5) and mobile security a plus.
Development experience with strong Java programming skills including knowledge of JSSE and other security features.
Assess current practices and identify and implement relevant policies to ensure state of the art development practices as they relate to security
Influences the selection of Software Security Assurance (SSA) program elements including supporting tools.
Conduct software security testing, including penetration testing, to confirm the results of design and code analysis, investigate software behavior, and verify that the software complies with security requirements
Ensure the control and protection of software, improve the software development process, and minimize defects and vulnerabilities in software production.