Senior IS Applications Security Engineer

col-narrow-left
Job ID:
2505625
Location:
Schaumburg, IL
Category:
Information Technology, Telecommunications, Array
Salary:
$150,000.00 per year
Zip Code:
60159
Employment Type:
Full time
Posted:
09.15.2018
col-narrow-right
col-wide

Job Description:

NO SPONSORSHIP

Looking for a candidate with 5+ years applications security, Web DevOps, Java, VB, Ruby, C++, Python, OWASTP. Vulnerabilities application testing

The Sr. IS Application Security Engineer is responsible for supporting the daily operations of the COMPANY Application Security program. This role will require the applicant to be proficient in the use of application code and vulnerability scanning tools and will support critical efforts within the environment to improve the application security profile of the organization.

Requirements

  • 5+ years of applicable security or development experience
  • Bachelor's degree preferred
  • Security related certifications such as CSSLP, CISSP, GIAC, preferred
  • Security and/or Web application security certifications preferred
  • Experience with dynamic web application vulnerability scanning tools and services
  • Experience with static code analysis tools and services
  • Application development/software development experience, understanding of security protocols and APIs.
  • Experience with one or more common programming languages, frameworks, and libraries (VB, Java, .Net, Ruby, C++, Python, Struts, Spring, Groovy, JSON, Node.js, etc.)
  • Working knowledge of vulnerabilities associated with the OWASP Top 10 & SANS Top 20
  • Ability to write scripts in languages such as Python, BASH, or PowerShell for automation
  • Familiarity with application security testing techniques such as fuzzing, penetration testing and code scanning, ideally with both static (SAST) and dynamic (DAST) tools for Client Server, web, mobile, and cloud applications
  • Knowledge of secure SDLC principles
  • Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats
  • Understanding of risk management practices with emphasis on risk assessment and interpretation and application of corporate information
Company Info
Request Technology - Robyn Honquest