· Working closely with the Director of Information Security, the Sr. Application Security Engineer will develop and implement processes, procedures and risk mitigation strategies to secure applications developed or utilized by the firm.
· The Sr. Analyst also serves as subject matter expert regarding strategies and limitations of secure systems development efforts and secure implementation practices.
· This is a Programming/Development position, NOT an IT Security role.
· Develop vulnerability assessments, code reviews, validation strategies and plans. Perform code reviews, application vulnerability assessments and prescribe remediation strategies for identified deficiencies.
· Subject matter expert for secure coding, penetration testing and mobile platforms and applications. Will evangelize security and secure coding practices throughout the firm's application development teams.
· Develop automation and processes, or maximize commercial packages, to identify security flaws in code.
· Guide and participate in architectural and design discussions during the design, development and implementation of all applications.
· Partner with Business Resiliency and Human Resources in the development and deployment of secure code training and mentoring strategies for application development.
· Bachelor’s Degree in Computer Science, Engineering, MIS or equivalent experience along with a minimum of 10 years working in Software Development with 6 years working experience in Application Security.
· Verifiable experience with tools such as: Fortify, Nessus, Qualys, IBM AppScan, HP WebInspect, Acunetix, Burp Suite Pro. Knowledge of OWASP Tools and Secured Application Development Methodologies and Practices.
· Experience with Web Application Development (ASP.Net, ASP, PHP) and knowledge of common security requirements for ASP.Net, C#, C++, iOS, and Android applications.
· Understanding and familiarity with common code review methods and standards.
· Strong understanding of audit standards and best practices; strong analytical and organizational skills; strong customer service focus and meticulous attention to detail. Must have the ability to maintain confidentiality.
· Ability to establish priorities, work collaboratively, and meet objectives using strong collaborative and influencing skills. Demonstrated strong analytical and problem-solving skills with excellent follow-up and strong attention to detail.
· Must have strong conflict resolution and influencing skills.
· Will have a demonstrable track record of managing work to achieve milestones on time and within budget in a fast-paced environment. Strong meeting organization and facilitation skills. Will have the ability to manage multiple priorities in fast-paced environments.
· Must have or obtain within the first year of employment Certifications such as:
· GIAC GSSP .Net
· GIAC GWEB
· Absolutely must have excellent English written and verbal communication skills.
This is a permanent, full-time position. All candidates MUST be local to Farmingdale, L.I., NY. Please do not apply if you are not local, even if you would pay your own relocation.
All candidates must be legally eligible to work in the United States without sponsorship and must reside locally. Sorry, no Visa sponsorships or Transfers at this time. No 3rd Party Recruiters unless you represent a local candidate with these qualifications.
RESUMES FROM OUTSIDE OF THE US WILL NOT BE READ.