Job Description :
Role - Security Engineer
Location - Dallas, Texas
Duration – 6+ months

Must need experience with app sec scanning tools and some development/scripting experience. Experience with the following tools is a nice to have, but generally understanding of scanning tools plus the ability to code/use APIs will be sufficient for integration:
WhiteHat Sentinel (SAST)
Checkmarx (SAST, IAST)
OWASP ZAP

Drive and be responsible for creating, defining, and sharing the organization’s application security and architecture.
Build and lead a program and/or conduct ethical hacking, penetration testing, and code-reviews on all critical business applications or infrastructure.
Provide architectural input to the Elevate application suite for necessary security controls such as identity and access management, encryption, and connectivity.
Create necessary processes around application development to ensure the security and integrity of deployed code. Additionally, create and lead a program and provide code reviews of applications in development (third party accessible, offshore developed, etc.
Lead, consult, and collaborate with all necessary parties on technical security issues and remediation, up to and including presentation of risks to the CISO and CIO.
Plan and drive risk remediation efforts within the organization.
Build and lead a virtual/matrixed team of application development and support team members involved in the SDLC to promote, maintain, and ensure the security of the organization’s applications.
Provide leadership to the information security team involved in the operation of the security controls for the organization’s applications.
Ensure awareness by providing training opportunities, leading seminars, and disseminating other information to promote a strong foundation of application security knowledge.
Perform additional duties as assigned.
Must possess strong programming background
5+ years’ experience
Strong leadership and communication skills, including working with senior management
Experience in J2EE, Webservices, WebMethods, technologies
Knowledge of Directory Services, SSO, mainframe processing, and data transfer technologies
Experience in secure application programming, code reviews, and penetration testing with web based application
Ability to lead with technical and non-technical personnel in a cross-functional setting
Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments
Experienced in identifying security risks and developing solutions to eliminate or minimize risks
Knowledge of software design, server, software, and network architecture, protocols, and standards
Excellent verbal and written communication skills
Experience in the payments/banking domain a plus
Must be available for on-call for potential security response
Certified ethical hacker (CHE), CISSP a plus