Previous Job
Previous
Security Engineer II
Ref No.: 18-09567
Location: Jersey City, New Jersey
Position Type:Contract
Job Description: Job Title: ASA Security Assessor/Auditor

Job Description
Providing vulnerability assessments to all teams globally within an assigned business segment.

Job Specific Responsibilities
Security auditors will be assigned to a specific business segment and will be the liaison to the business segment and the security champions performing consulting, FOD uploads and dynamic scans as appropriate. Each auditor will be responsible for the security of all applications within that BU and maintaining our regulatory and compliance requirements.

Candidate Requirements
• Hands on experience in leading vulnerability assessments through executing dynamic and static application security testing against applications and infrastructure.
• Experience in manual retesting of application and infrastructure vulnerabilities is required.
• Candidate must be comfortable speaking to how they will go about identifying and remediating vulnerabilities in the OWASP Top 10. (Injection, XSS, Insecure Direct Object Reference, etc.)

Preferred Qualifications
• Proficient in technical security consulting, ready and able to lead discussions summarizing steps to reproduce vulnerabilities, the inherent severity/risk, and provide remediation consultation.
• Experience in static code vulnerability analysis using Checkmarx, Fortify SCA, and/or IBM Source. Capable working knowledge of C/C++, .NET, Java, HTML, etc.
• Knowledge of scripting tools to automate testing and reporting, such as Python, Excel Macros, etc.
Interview Required: Yes