Job Description :
Application Security Specialist
Location: Detroit, MI
Duration: 8-9 months with possible contract to hire
Top 3 skills/experience:
- Application coding experience
- Experience utilizing vulnerability assessment tools such as Nessus, AppDetective, Burp Suite, WebInspect, AppScan, and Fortify.
- Practical knowledge and experience with OWASP top ten issues with an understanding of web-based application vulnerabilities.
Position Responsibilities:
- Coordinate system assessments with appropriate project personnel and other program elements to conduct application security assessments.
- Assists in the creation, design, and implementation of assessment plans around testing the security of systems, processes and their environment.
- Ability to use and configure security tools.
- Responsible for writing security assessment plans. Maintain records of assessment progress, documents result, prepares reports and presents results as appropriate
- Assists in reviewing requirements and security risk documents, and assists in defining security assessment scenarios
- Conduct hands-on security assessments, analyze test results, documents risk, and recommend countermeasures
- Develop, assemble, and submit testing results and reports for review by Security Engineers
Qualifications:
- Bachelors degree in Computer Science, Information Systems, Engineering or related major
- Experience with a variety of information security processes and technologies such as:
- Common operating systems, network protocols, web services and databases
- Risk assessment and management
- Application security and systems development life cycle
- Data and systems integrity controls
- Encryption technology
- Change control and release management
- Network and application security assessment
Skills and Experience:
- Ability to adjust to changing priorities while multitasking effectively
- Experience in planning and implementing security test efforts, which includes manual security testing and developing custom security assessment scripts or programs
- Experience utilizing vulnerability assessment tools such as Nessus, AppDetective, Burp Suite, WebInspect, AppScan, and Fortify.
- Practical knowledge and experience with OWASP top ten issues with an understanding of web-based application vulnerabilities
- Ability to review and audit source code analysis report.
- Self-motivated with ability to work with minimal supervision.
- Excellent problem-solving skills.
- Application development experience with programming languages such as Java, C, C++, C#, asp, and .NET
- Minimum 5-year experience in a security or related IT function
- Suitable Security Certifications (ISC2, SANS, EC-Council, CREST, IACRB) important.
- Knowledge and/or experience with PowerBI, Tableau, and Splunk are beneficial.