The #1 Site for IT and Engineering Jobs - search all IT and Engineering  jobs.

Application Security Engineer

Job Description

  • Work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile and more
  • Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
  • Create threat models that result in more secure application design
  • Design and develop security testing scenarios
  • Analyze and present results of testing to team members, managers and customers
  • Write detailed problem reports, test plan documents, and mitigation recommendations as needed
  • Develop tools to aid penetration test automation and effectiveness
  • Review code for common security vulnerabilities
  • Possible travel to client sites to conduct in-person security reviews and assessments
  • Proactively Scan Perimeter network for vulnerabilities (Hosts, Ports, Applications, TLS)
  • Monitor Application log files for active attacks (Develop Monitoring and Alerts for log systems)
  • Keep adept on newly emerging threats and provide guidance and verify mitigations to these threats
  • Be in an on-call rotation ready to provide incident response within 1 hour during work hours or 2 hours off hours


YOUR RESUME

What we're really looking for, even if your resume doesn't say it, is someone versed and capable in one or many of the following areas:

  • Penetration Testing and Ethical Hacking
  • Dynamic and/or Static Code Analysis
  • Software Development
  • Interest in conducting security research


MUST HAVES

What we expect of our applicants:

  • B.S. in Computer Science or related degree
  • Minimum 5-years of experience in a technical role
  • Completed CISSP, CISA, CEH, CAP, Security+, or a similar security certification
  • Develop custom security tools to improve coverage and validate findings
  • Work with Agile, GIT, and release planning
  • Penetration testing methodologies, tools, and tactics such as Fuzzing, GDB, Burp, Nmap, OWASP, Metasploit, Sqlmap, dynamic/static analysis
  • Penetration testing and white hat hacking
  • Incident response for PCI-compliant systems in a large production environment (over 1,000,000 users)


NICE TO HAVES

These skills are not required, but if you have any of them, you are likely a good candidate for the position:

  • Develop in Perl, Java EE, Python, and C/C++
  • Develop on Linux and Windows platforms
  • Enterprise services such as LDAP, SAML, API Gateways, secure web services
  • Familiarity with Informix Database
  • Participation in Bug Bounty programs
  • Detail oriented and dependable
  • Good sense of humor

Job Requirements

 

Job Snapshot

Location US-WA-Seattle
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type Other
Apply

Company Overview

Dunhill Professional Search

Dunhill Professional Search isn't your typical staffing company. We are a small, boutique firm that takes pride in offering outstanding service to our client companies and client candidates alike. We believe it is our job to not just put any candidate into any job, but to match candidates and companies based on skills, motivation, and cultural fit. As a candidate, you can expect our recruiters to spend time getting to know and understand your career objectives. Learn More

Contact Information

US-WA-Seattle
Dunhill Professional Search
Snapshot
Dunhill Professional Search
Company:
US-WA-Seattle
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
Other
Store Type:

Job Description

  • Work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile and more
  • Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
  • Create threat models that result in more secure application design
  • Design and develop security testing scenarios
  • Analyze and present results of testing to team members, managers and customers
  • Write detailed problem reports, test plan documents, and mitigation recommendations as needed
  • Develop tools to aid penetration test automation and effectiveness
  • Review code for common security vulnerabilities
  • Possible travel to client sites to conduct in-person security reviews and assessments
  • Proactively Scan Perimeter network for vulnerabilities (Hosts, Ports, Applications, TLS)
  • Monitor Application log files for active attacks (Develop Monitoring and Alerts for log systems)
  • Keep adept on newly emerging threats and provide guidance and verify mitigations to these threats
  • Be in an on-call rotation ready to provide incident response within 1 hour during work hours or 2 hours off hours


YOUR RESUME

What we're really looking for, even if your resume doesn't say it, is someone versed and capable in one or many of the following areas:

  • Penetration Testing and Ethical Hacking
  • Dynamic and/or Static Code Analysis
  • Software Development
  • Interest in conducting security research


MUST HAVES

What we expect of our applicants:

  • B.S. in Computer Science or related degree
  • Minimum 5-years of experience in a technical role
  • Completed CISSP, CISA, CEH, CAP, Security+, or a similar security certification
  • Develop custom security tools to improve coverage and validate findings
  • Work with Agile, GIT, and release planning
  • Penetration testing methodologies, tools, and tactics such as Fuzzing, GDB, Burp, Nmap, OWASP, Metasploit, Sqlmap, dynamic/static analysis
  • Penetration testing and white hat hacking
  • Incident response for PCI-compliant systems in a large production environment (over 1,000,000 users)


NICE TO HAVES

These skills are not required, but if you have any of them, you are likely a good candidate for the position:

  • Develop in Perl, Java EE, Python, and C/C++
  • Develop on Linux and Windows platforms
  • Enterprise services such as LDAP, SAML, API Gateways, secure web services
  • Familiarity with Informix Database
  • Participation in Bug Bounty programs
  • Detail oriented and dependable
  • Good sense of humor

Job Requirements

 
Mr84rk6p53hf32zqr3z
Sologig Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using sologig.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
Application Security Engineer Apply now