Job Description :
Position : Senior Application Security Engineer
Location : Atlanta,GA
Duration : 10 months
Primary Skills: Evaluation of new security trends and technologies, Vulnerability and penetration testing and gap remediation workflows.
Secondary Skills: Network and End-point forensics,Incident response workflows,Audit compliance reporting,Data loss prevention.
Description:
The Senior Application Security Engineer will consult with all relevant client Information Technology (IT) teams on all matters relating to Application Security and will be responsible for the development, maintenance and continuous monitoring of application security architecture related controls. This role is focused on people, process and technology to ensure Secure Software Development Life Cycle (SDLC) for client fast-paced IT application support and infrastructure teams.
The role requires a solid understanding of application security principles, best practices and a background working in a secure application development and coding environment within an enterprise.
Required Skills:
Build a very close working relationship with the Office of Infrastructure and the Office of Application Support under the Department of Information Technology (IT
Provide strong information security leadership and cross-functional / stakeholder communications.
Develop and maintain up to date documentation related to Application Security including the development of secure coding policies, procedures and standards to ensure effective and efficient Secure Software Development Life Cycle (SDLC) processes, to include necessary information security checkpoints, code review (Whitebox) methodologies, etc.
Manage training programs on secure code development best practices for developers.
Identify information security requirements by evaluating business strategies and requirements; researching information security standards; conducting vulnerability and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Responsibilities:
Plan and coordinate with internal teams on the design, integration, development, validation and implementation of specific policies, procedures and standards.
Minimum Years of experience needed for required skills: 4 Years
Serve as Advisor to Office of Infrastructure and the Office of Application Support on:
o Evaluation of new security trends and technologies
o Assessment and acquisition of application security tools and technologies
o Vulnerability and penetration testing and gap remediation work flows
o Network and End-point forensics
o Incident response work flows
o Audit compliance reporting
o Data loss prevention
Attend design and application architectural reviews and actively lead discussions from an information security standpoint.
Information security subject matter expert in the incident response program.
Minimum of 5 years in the following information security functional areas:
o Web and Mobile Application Security
o Dynamic Application Security Testing
o Static Application Security Testing
o Patch & Vulnerability Management
o Vulnerability & Penetration Testing
o Authentication and Authorization
o Identity and Access management
o Two Factor Authentication (2FA)
o Single Sign On (SSO)
Thank You,
Dhilip Kumar.