Sr. Development Engineer: Applications Security
Overview:
· Working closely with the Director of Information Security, the Sr. Application Security Engineer will develop and implement processes, procedures and risk mitigation strategies to secure applications developed or utilized by the firm.
· The Sr. Analyst also serves as subject matter expert regarding strategies and limitations of secure systems development efforts and secure implementation practices.
· This is a Programming/Development position, NOT an IT Security role.
Responsibilities:
· Develop vulnerability assessments, code reviews, validation strategies and plans. Perform code reviews, application vulnerability assessments and prescribe remediation strategies for identified deficiencies.
· Subject matter expert for secure coding, penetration testing and mobile platforms and applications. Will evangelize security and secure coding practices throughout the firm's application development teams.
· Develop automation and processes or maximize commercial packages to identify security flaws in code.
· Guide and participate in architectural and design discussions during the design, development and implementation of all applications.
· Partner with Business Resiliency and Human Resources in the development and deployment of secure code training and mentoring strategies for application development.
Requirements:
· Bachelor’s Degree in Computer Science, Engineering, MIS or equivalent experience along with a minimum of 10 years working in Software Development with 6 years working experience in Application Security.
· Verifiable experience with tools such as: Fortify, Nessus, Qualys, IBM AppScan, HP WebInspect, Acunetix, Burp Suite Pro. Knowledge of OWASP Tools and Secured Application Development Methodologies and Practices.
· Experience with Web Application Development (ASP.Net, ASP, PHP) and knowledge of common security requirements for ASP.Net, C#, C++, iOS, and Android applications.
· Understanding and familiarity with common code review methods and standards.
· Strong understanding of audit standards and best practices; strong analytical and organizational skills; strong customer service focus and meticulous attention to detail. Must have the ability to maintain confidentiality.
· Ability to establish priorities, work collaboratively, and meet objectives using strong collaborative and influencing skills. Demonstrated strong analytical and problem-solving skills with excellent follow-up and strong attention to detail.
· Must have strong conflict resolution and influencing skills.
· Will have a demonstrable track record of managing work to achieve milestones on time and within budget in a fast-paced environment. Strong meeting organization and facilitation skills. Will have the ability to manage multiple priorities in fast-paced environments.
· Must have or obtain within the first year of employment Certifications such as:
  · GIAC GSSP .Net
  · GIAC GWEB
  · CSSLP
· Absolutely must have excellent English written and verbal communication skills.
This is a permanent, full-time position. All candidates MUST be local to Farmingdale, L.I., NY. Please do not apply if you are not local, even if you would pay your own relocation.
All candidates must be legally eligible to work in the United States without sponsorship and must reside locally. Sorry, no Visa sponsorships or Transfers at this time. No 3rd Party Recruiters unless you represent a local candidate with these qualifications.
RESUMES FROM OUTSIDE OF THE US WILL NOT BE READ