Applications Security Engineer
1 month ago
Top Skills' Details
1. 5+ years experience in Application security scanning and testing
2. Previous full stack Java experience as well as CI/CD, Dev ops
3. Hands on experience with Qualys
Job Description
The IT Security Threat Analyst independently develops, maintains, and implements comprehensive information security monitoring programs including defining security policies, processes and standards for large and complex environments. Perform comprehensive threat analysis and recommends appropriate course of action, mitigation, and remediation. Provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. Lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members. They are the single point of contact and coordination for third-party incident response teams and law enforcement agencies if the environment is breached.
Essential Functions - The essential functions listed represent the major duties of this role, additional duties may be assigned.
• Subject matter expert in the detection and identification of web application cyberattack signatures, tactics, techniques and procedures associated with advanced threats
• Independently and proactively prepares detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
• Develops and maintains documentation for security evaluation procedures
• Serve as a subject matter expert for team members, specializing in web application security monitoring and application analysis
• Creates and leads initiatives to improve web application security evaluation processes
• Leads improvements discussions with third-party vendor regarding security evaluations
• Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security monitoring and application security program
Required Work Experience:
5+ years related work experience within IT Security
Experience utilizing multiple web application scanning tools.
Experience recommending web application security analysis tools.
Experience working in Agile methodology environment.
Experience working with REST services (prefer also SOAP experience).
Experience with scripting (prefer also some application code development experience).
Required Education:
Related Bachelor’s degree or additional related equivalent work experience IT related field
Additional Required Qualifications:
Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in web application security evaluation.
Experience working and managing vendor performance and service level agreements
Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
Ability to manage tasks independently and take ownership of responsibilities
Ability to learn from mistakes and apply constructive feedback to improve performance
Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
Top Skills' Details
1. Background as a full stack Java developer with scripting experience like Bash or Python
2. Experience with security testing (SAST, DAST, RASP etc.)
3. Understanding of OWASP Top 10, software security, secure coding, vulnerability management.
4. Knowledge of Cloud Infrastructure and Dev Ops methodologies: Containers (Docker), Kubernetes, micro-services
Secondary Skills - Nice to Haves
Job Description
The Application Vulnerability Management team is responsible for discovering technical vulnerabilities within in-house developed applications. This includes the actual code developed by analysts, dependencies such as open source libraries and container technology. The team analyzes in-house developed applications for known vulnerabilities (e.g., CVE-based vulnerabilities, CWE-based vulnerabilities and OWASP Top 10 vulnerabilities, pripritizes them, and works with the appropriate asset owner to determine if remediation, mitigation or risk acceptance is required and complies with appropriate timelines. Vulnerability tracking and metrics reporting is also part of the teams output.
Responsibilities
- Discover technical vulnerabilities in Production in code, dependencies and container technology.
- Support the development lifecycle of in-house developed applications to allow development teams to identify vulnerabilities during the build lifecycle
- Develop and use scoring models to score vulnerabilities.
- Provide regular statuses on current work
- Be willing to take on special assignments that may require additional learning
Skills and Knowledge - Web application attacks and trends - Basic operational knowledge of: HTTP/S, XML, HTML, JavaScript, AJAX (Web 2.0) - Web Infrastructure Security (e.g., NGINX, Tomcat, IIS, etc.) - Authentication and Session management - Exploits (e.g., CSRF, XSS, HTTP Response Splitting, Injection attacks, XML External Entities, etc.) - Remediation (e.g., Escaping, Encoding, Input/Output Validation, Parameterized Queries, etc.) - Mitigation (e.g., WAF, IPS, XML Gateway/Firewall, etc.) - Scripting/automation skills (e.g., Python, JavaScript, Powershell, etc.)
Additional Skills & Qualifications
- Excellent documentation skills to accurately complete reports and documentation
- Strong verbal and written communication skills
- Team player, self starter, able to get up to speed to contribute quickly
-
Physical Security Engineer
2 weeks ago
Tempe, United States Enterprise Security, Inc. Full timeJob DescriptionJob DescriptionMake a Positive Career Change in 2024! ENTERPRISE SECURITY is a premier commercial security systems integrator for the Southern California area and we are seeking an experienced security systems engineer. Why work for us? Benefits, Paid Holidays and Paid Time Off. Work Alongside Industry Experts That Take Pride in Their Work,...
-
Security Engineer
2 weeks ago
Tempe, United States Phoenix Staff Inc Full timeJob DescriptionJob DescriptionTitle: Security EngineerLocation: Tempe, AZ (Hybrid 3 days per week onsite)Type: Contract Our client is looking for a Security Engineer to join their team in Tempe, AZ. Responsibilities: Security Operations: Monitor and analyze security alerts and incidents, responding promptly to mitigate potential threats and...
-
Security Officer
1 month ago
Tempe, Arizona, United States Marksman Security Full timeJob Title: Unarmed Security OfficerOverview:Marksman Security is seeking a highly skilled and experienced Unarmed Security Officer to join our team in Tempe, AZ. As a Security Officer, you will play a critical role in maintaining a safe and secure environment for our clients and their properties.Responsibilities:Monitor and patrol designated areas to prevent...
-
Application Security Architect
2 weeks ago
Tempe, Arizona, United States Cross Boarder Talents Full timeJob Title: Application Security ArchitectWe are seeking a highly skilled Application Security Architect to join our team. As a key member of our IT and Computer Department, you will be responsible for ensuring the security and integrity of our custom-developed web and cloud applications.Responsibilities:Conduct thorough security audits of code architecture...
-
Application Security Architect
4 weeks ago
Tempe, United States Cross Boarder Talents Full timeLocation: Tempe AZEmployment Status: Permanent Department: IT and ComputerJob descriptionSummary of This Role Responsibilities range from auditing code architecture and databases used in customdeveloped web and cloud applications to testing for common application level vulnerabilities weaknesses and providing both vulnerability analysis and development...
-
Application Security Architect
2 months ago
Tempe, United States Cross Boarder Talents Full timeLocation: Tempe AZEmployment Status: Permanent Department: IT and ComputerJob descriptionSummary of This Role Responsibilities range from auditing code architecture and databases used in customdeveloped web and cloud applications to testing for common application level vulnerabilities weaknesses and providing both vulnerability analysis and development...
-
Security Engineer
4 weeks ago
Tempe, United States TEKsystems Full timeJob DescriptionJob DescriptionJob TitleCybersecurity engineerTop Skills' Details1. 2+ years experience with SIEM ( deploying, configuration, query languages)2. Experience with linux virtual machines and Windows administration3. 2+ years experience with Python scripting and exposure to Azure logic Apps (nice to have) Secondary Skills - Nice to HavesJob...
-
Security Engineer
1 month ago
Tempe, United States TEKsystems Full timeJob DescriptionJob DescriptionJob TitleCybersecurity engineerTop Skills' Details1. 2+ years experience with SIEM ( deploying, configuration, query languages)2. Experience with linux virtual machines and Windows administration3. 2+ years experience with Python scripting and exposure to Azure logic Apps (nice to have) Secondary Skills - Nice to HavesJob...
-
Application Security Architect
2 weeks ago
Tempe, Arizona, United States Cross Boarder Talents Full timeJob Title: Application Security ArchitectJob Summary: We are seeking an experienced Application Security Architect to join our team. The successful candidate will be responsible for auditing code architecture and databases used in custom-developed web and cloud applications, as well as testing for common application-level vulnerabilities and...
-
Application Security Specialist
2 weeks ago
Tempe, Arizona, United States Manpower Group Inc. Full timeAbout the Role:We are seeking a highly skilled Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for evaluating the security of web and mobile applications by conducting penetration tests and vulnerability assessments.Key Responsibilities:Conduct comprehensive penetration tests on web and mobile...
-
Application Security Specialist
3 weeks ago
Tempe, Arizona, United States Experis Full timeAbout the RoleWe are seeking an experienced Application Penetration Tester to join our team at Experis. As an Application Penetration Tester, you will be responsible for evaluating the security of web and mobile applications by conducting penetration tests and vulnerability assessments.Key Responsibilities:Conduct comprehensive penetration tests on web and...
-
Security Officer Position
2 weeks ago
Tempe, Arizona, United States American Security Full timeSecurity Officer Job DescriptionWe are seeking a reliable and detail-oriented Security Officer to join our team at American Security & Investigations in Tempe, AZ.Job SummaryThis part-time overnight Security Officer position involves patrolling buildings, investigating hazards, and securing doors and windows. The ideal candidate will have excellent...
-
Security Officer
2 weeks ago
Tempe, Arizona, United States Inter-Con Security Full time{"title": "Security Officer", "description": "Job SummaryInter-Con Security Systems, Inc. is seeking a highly motivated and detail-oriented Security Officer to join our team. As a Security Officer, you will be responsible for ensuring the safety and security of our clients' facilities and personnel.Key ResponsibilitiesScreen employees and visitors at...
-
Senior Network Security Engineer
1 week ago
Tempe, Arizona, United States Sentinel Technologies Full timeJob Title: Senior Network Security EngineerSentinel Technologies is seeking a highly skilled Senior Network Security Engineer to join our deployment team. This individual will design, implement, and configure secure network solutions for mid to enterprise-level client environments.Key Responsibilities:Design and implement large-scale network security...
-
Security Specialist
4 weeks ago
Tempe, Arizona, United States American Security & Investigations Full time{"h1": "Security Officer Job Description", "p": "At American Security & Investigations, we are seeking a highly skilled Security Officer to join our team. As a Security Officer, you will be responsible for ensuring the safety and security of our clients\u2019 properties and personnel. Responsibilities: * Patrol buildings, facilities, or work sites to...
-
Security Engineer II
1 week ago
Tempe, Arizona, United States Sundt Full timeJob SummarySundt is seeking a highly skilled Security Engineer to join our team. As a Security Engineer, you will play a crucial role in safeguarding our organization's digital assets and infrastructure. You will be responsible for implementing, managing, and maintaining security solutions and practices to protect against threats and vulnerabilities.Key...
-
Security Officer
2 weeks ago
Tempe, Arizona, United States Secureone Security Services Full timeJob SummarySecureOne Security Services is seeking a highly motivated Security Officer to join our team. As a Security Officer, you will be responsible for ensuring the safety and security of assigned properties through proactive patrols and visible deterrence.Key Responsibilities:Conduct regular patrols to identify and mitigate potential security...
-
Security Officer
3 weeks ago
Tempe, Arizona, United States Secureone Security Services Full timeSecureOne Security Services: A Leader in Security SolutionsAt SecureOne Security Services, we are committed to providing exceptional security solutions to our clients. We are seeking highly motivated and reliable Security Officers to join our team.Why Choose SecureOne?Competitive Compensation: $18.04/hr, with opportunities for bonuses and...
-
Armed Security Officer
3 weeks ago
Tempe, Arizona, United States Anderson Security Agency Full timePart-Time Armed Security Officer Job SummaryWe are seeking a highly skilled and dedicated Part-Time Armed Security Officer to join our team at Anderson Security Agency, Ltd. As a Part-Time Armed Security Officer, you will play a critical role in ensuring the safety and security of our clients' facilities and personnel.Key Responsibilities:Monitor and control...
-
Cloud Security Engineer
4 days ago
Tempe, Arizona, United States MUFG Full timeCloud Security Engineer - Senior ExpertMitsubishi UFJ Financial Group (MUFG) is seeking a highly motivated Certified Sr. Cloud Security Engineer Subject Matter Expert (SME) to improve the security framework and direct the delivery of services, oversee day-to-day operations, and control any issues for teams in a multi-cloud environment.The ideal candidate is...