Applications Security Engineer
2 months ago
Top Skills' Details
1. 5+ years experience in Application security scanning and testing
2. Previous full stack Java experience as well as CI/CD, Dev ops
3. Hands on experience with Qualys
Job Description
The IT Security Threat Analyst independently develops, maintains, and implements comprehensive information security monitoring programs including defining security policies, processes and standards for large and complex environments. Perform comprehensive threat analysis and recommends appropriate course of action, mitigation, and remediation. Provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. Lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members. They are the single point of contact and coordination for third-party incident response teams and law enforcement agencies if the environment is breached.
Essential Functions - The essential functions listed represent the major duties of this role, additional duties may be assigned.
• Subject matter expert in the detection and identification of web application cyberattack signatures, tactics, techniques and procedures associated with advanced threats
• Independently and proactively prepares detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
• Develops and maintains documentation for security evaluation procedures
• Serve as a subject matter expert for team members, specializing in web application security monitoring and application analysis
• Creates and leads initiatives to improve web application security evaluation processes
• Leads improvements discussions with third-party vendor regarding security evaluations
• Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security monitoring and application security program
Required Work Experience:
5+ years related work experience within IT Security
Experience utilizing multiple web application scanning tools.
Experience recommending web application security analysis tools.
Experience working in Agile methodology environment.
Experience working with REST services (prefer also SOAP experience).
Experience with scripting (prefer also some application code development experience).
Required Education:
Related Bachelor’s degree or additional related equivalent work experience IT related field
Additional Required Qualifications:
Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in web application security evaluation.
Experience working and managing vendor performance and service level agreements
Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
Ability to manage tasks independently and take ownership of responsibilities
Ability to learn from mistakes and apply constructive feedback to improve performance
Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
Top Skills' Details
1. Background as a full stack Java developer with scripting experience like Bash or Python
2. Experience with security testing (SAST, DAST, RASP etc.)
3. Understanding of OWASP Top 10, software security, secure coding, vulnerability management.
4. Knowledge of Cloud Infrastructure and Dev Ops methodologies: Containers (Docker), Kubernetes, micro-services
Secondary Skills - Nice to Haves
Job Description
The Application Vulnerability Management team is responsible for discovering technical vulnerabilities within in-house developed applications. This includes the actual code developed by analysts, dependencies such as open source libraries and container technology. The team analyzes in-house developed applications for known vulnerabilities (e.g., CVE-based vulnerabilities, CWE-based vulnerabilities and OWASP Top 10 vulnerabilities, pripritizes them, and works with the appropriate asset owner to determine if remediation, mitigation or risk acceptance is required and complies with appropriate timelines. Vulnerability tracking and metrics reporting is also part of the teams output.
Responsibilities
- Discover technical vulnerabilities in Production in code, dependencies and container technology.
- Support the development lifecycle of in-house developed applications to allow development teams to identify vulnerabilities during the build lifecycle
- Develop and use scoring models to score vulnerabilities.
- Provide regular statuses on current work
- Be willing to take on special assignments that may require additional learning
Skills and Knowledge - Web application attacks and trends - Basic operational knowledge of: HTTP/S, XML, HTML, JavaScript, AJAX (Web 2.0) - Web Infrastructure Security (e.g., NGINX, Tomcat, IIS, etc.) - Authentication and Session management - Exploits (e.g., CSRF, XSS, HTTP Response Splitting, Injection attacks, XML External Entities, etc.) - Remediation (e.g., Escaping, Encoding, Input/Output Validation, Parameterized Queries, etc.) - Mitigation (e.g., WAF, IPS, XML Gateway/Firewall, etc.) - Scripting/automation skills (e.g., Python, JavaScript, Powershell, etc.)
Additional Skills & Qualifications
- Excellent documentation skills to accurately complete reports and documentation
- Strong verbal and written communication skills
- Team player, self starter, able to get up to speed to contribute quickly
-
Physical Security Engineer
1 month ago
Tempe, United States Enterprise Security, Inc. Full timeJob DescriptionJob DescriptionMake a Positive Career Change in 2024! ENTERPRISE SECURITY is a premier commercial security systems integrator for the Southern California area and we are seeking an experienced security systems engineer. Why work for us? Benefits, Paid Holidays and Paid Time Off. Work Alongside Industry Experts That Take Pride in Their Work,...
-
Security Engineer
2 months ago
Tempe, United States TEKsystems Full timeJob DescriptionJob DescriptionJob TitleCybersecurity engineerTop Skills' Details1. 2+ years experience with SIEM ( deploying, configuration, query languages)2. Experience with linux virtual machines and Windows administration3. 2+ years experience with Python scripting and exposure to Azure logic Apps (nice to have) Secondary Skills - Nice to HavesJob...
-
Application Security Architect
2 months ago
Tempe, United States Cross Boarder Talents Full timeLocation: Tempe AZEmployment Status: Permanent Department: IT and ComputerJob descriptionSummary of This Role Responsibilities range from auditing code architecture and databases used in customdeveloped web and cloud applications to testing for common application level vulnerabilities weaknesses and providing both vulnerability analysis and development...
-
Application Security Architect
2 months ago
Tempe, United States Cross Boarder Talents Full timeLocation: Tempe AZEmployment Status: Permanent Department: IT and ComputerJob descriptionSummary of This Role Responsibilities range from auditing code architecture and databases used in customdeveloped web and cloud applications to testing for common application level vulnerabilities weaknesses and providing both vulnerability analysis and development...
-
Flex Security Officer
3 weeks ago
Tempe, United States Marksman Security Full timeOverviewMarksman Security Corporation is hiring immediately for a Flex Security Officer!$23.00 (hourly) **$600 Sign On Bonus** Applicants need to be flexible with their schedule and willing to work weekends, evenings and holidays, if needed. Must be able to respond to work assignments with little to no advance notice. Ideal candidates will have previous...
-
Security Officer
1 month ago
Tempe, Arizona, United States Inter-Con Security Full time{"title": "Security Officer", "description": "Job SummaryInter-Con Security Systems, Inc. is seeking a highly motivated and detail-oriented Security Officer to join our team. As a Security Officer, you will be responsible for ensuring the safety and security of our clients' facilities and personnel.Key ResponsibilitiesScreen employees and visitors at...
-
Security Engineer II
1 month ago
Tempe, Arizona, United States Sundt Full timeJob SummarySundt is seeking a highly skilled Security Engineer to join our team. As a Security Engineer, you will play a crucial role in safeguarding our organization's digital assets and infrastructure. You will be responsible for implementing, managing, and maintaining security solutions and practices to protect against threats and vulnerabilities.Key...
-
Cloud Security Engineer
4 weeks ago
Tempe, Arizona, United States MUFG Full timeCloud Security Engineer - Senior ExpertMitsubishi UFJ Financial Group (MUFG) is seeking a highly motivated Certified Sr. Cloud Security Engineer Subject Matter Expert (SME) to improve the security framework and direct the delivery of services, oversee day-to-day operations, and control any issues for teams in a multi-cloud environment.The ideal candidate is...
-
Sr. Cloud Security Engineer
3 weeks ago
Tempe, United States MUFG Bank, Ltd. Full timeDo you want your voice heard and your actions to count?Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term...
-
Sr. Cloud Security Engineer
3 weeks ago
Tempe, United States MUFG Bank, Ltd. Full time $145,000 - $176,000Do you want your voice heard and your actions to count?Below covers everything you need to know about what this opportunity entails, as well as what is expected from applicants.Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a...
-
Armed Security Field Supervisor
1 month ago
Tempe, Arizona, United States Anderson Security Agency Full timeJob Title: Armed Security Field SupervisorAnderson Security Agency is seeking a highly skilled and experienced Armed Security Field Supervisor to join our team in the East Valley of Arizona. As a key member of our security team, you will be responsible for conducting vehicle patrols, checking in with various sites and facilities, and responding to...
-
Security Officer
4 weeks ago
Tempe, United States GardaWorld Security Services U.S. Full timeJob Description:GardaWorld – Security ServicesSpecial Response Officer – Must Have Open Availability For Call Off CoverageYou’ve got the right skills. What you need is the right opportunity to unleash your potential. We agree, and we’re hiring!Every day is different at GardaWorld with diverse work assignments and flexible schedules. We are leaders...
-
Cloud Security Engineer
1 month ago
Tempe, Arizona, United States MUFG Full timeCloud Security Engineer - Sr.Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. We're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and...
-
Special Response Security Officer
2 weeks ago
Tempe, United States GardaWorld Security Services U.S. Full timeJob Description:GardaWorld – Security ServicesOPEN AVAILABILITY IS REQUIREDYou’ve got the right skills. What you need is the right opportunity to unleash your potential. We agree, and we’re hiring!Every day is different at GardaWorld with diverse work assignments and flexible schedules. We are leaders in Professional training programs that cover every...
-
Security Engineer
4 weeks ago
Tempe, Arizona, United States Diverse Lynx Full timeJob Title: Security Engineer - Privileged Access Management SpecialistAt Diverse Lynx LLC, we are seeking a skilled Security Engineer to join our team. As a Security Engineer - Privileged Access Management Specialist, you will be responsible for implementing and managing Privileged Access Management (PAM) systems, with a focus on CyberArk.Key...
-
Security Guard
4 weeks ago
Tempe, United States GardaWorld Security Services U.S. Full timeJob Description:GardaWorld – Security ServicesSpecial Response Officer – max availability required!You’ve got the right skills. What you need is the right opportunity to unleash your potential. We agree, and we’re hiring!Every day is different at GardaWorld with diverse work assignments and flexible schedules. We are leaders in Professional training...
-
Information Security Architect
4 weeks ago
Tempe, Arizona, United States ACHIEVE Full timeJob Title: Information Security ArchitectJob Summary:We are seeking an experienced Information Security Architect to join our team at Achieve. As a key member of our security team, you will be responsible for designing, implementing, and maintaining robust security architectures to protect our organization's information assets across various platforms and...
-
Security Officer
3 weeks ago
Tempe, United States GardaWorld Security Services U.S. Full timeJob Description:GardaWorld – Security ServicesSecurity Officer – Now Hiring!Guard Card RequiredYou’ve got the right skills. What you need is the right opportunity to unleash your potential. We agree, and we’re hiring!Every day is different at GardaWorld with diverse work assignments and flexible schedules. We are leaders in Professional training...
-
Security
2 months ago
Tempe, United States Hyatt PlaceHyatt House Tempe Full timeSecurity Overview: The Security Guard monitors and patrols assigned areas to provide a safe environment for guests and employees and to minimize opportunities for loss or damage. He/she also anticipates potential problems and reacts to disturbances and prohibited conduct. This position responds to emergency situations as needed. Key Duties &...
-
Sr. Security Engineer
3 weeks ago
Tempe, United States MUFG Bank, Ltd. Full time $145,000 - $176,000Do you want your voice heard and your actions to count?Interested in this role You can find all the relevant information in the description below.Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s 10 largest financial institutions according to S & P Global. Across the globe, we’re 120,000 colleagues, striving to make...
