Previous Job
Previous
Application Security Engineer
Ref No.: 16-09748
Location: Alpharetta, Georgia
Responsibilities
Building an annual penetration testing plan for the applications.
Scoping each penetration test with the relevant business owners - product management and engineering leaders.
Executing penetration tests on the applications developed by the company. The penetration tests must always include application-level penetration testing, but may also include operating system hardening verification (e.g. a self-checkout must be hardened as a kiosk workstation).
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
Research new attack vectors in the retail, hospitality and financial industries and in the application security field in general.

Qualifications:
Requirements
Bachelor's Degree in Computer Science or related field. Equivalent work experience will be considered.
Penetration testing hands-on experience of 3-7 years.
Software development lifecycle background of 2-3 years.
Security certifications are desirable, e.g. CISSP, CEH or OSCP.
PCI and PA DSS Certification experience is a plus.
Retail and financial payment transaction processing software vulnerabilities and authentication testing – advantage.
Experience with E-Commerce payments integration/ security issues – advantage.
Soft skills - effective communication (internal, customers), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.).
Active participation in cybersecurity forums/conventions, e.g. DEFCON, Black Hat. Public speaking is a plus.

EEO Statement
Integrated into our shared values is Client's commitment to diversity. Client is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at Client has an ongoing responsibility to respect and support a globally diverse environment.

Statement to Third Party Agencies
To ALL recruitment agencies: Client only accepts resumes from agencies on the Client preferred supplier list. Please do not forward resumes to our applicant tracking system, Client employees, or any Client facility. Client is not responsible for any fees or charges associated with unsolicited resumes.
Employee Status:
Regular
Job Level:
Manager
More Information About the Job
Is Relocation Available?
Yes, nationwide
Are you open to sponsorship?
Yes
Are there flexible work hours?
Yes
Is there a possibility to work remote?
No
This position is:
New Position
Is there a bonus structure?
20% or higher
Is there equity?
No
Who does this position report to?
Senior Software Engineering Manager
Does this position have direct reports?
Yes
What are the 3-4 non-negotiable requirements on this position?
We need someone with heavy on Penetration Testing, Ethical Hacker, Certified Ethical Hacker, manual testing experience with penetration testing, Research
Please Note: All Third Party Agencies that are on Scout are on NCRs preferred supplier list.