Senior Application Security Engineer
Exciting opportunity for a Senior Application Security Engineer to join an innovative technology company focused on developing the next generation of products for external customers.
You will be focused on application security including penetration testing, application assessments, testing, be the Agile product owner for security, manage audits and code reviews, and perform security training. You will spend about 50% of your time on automation using Python and 50% on testing.
You must be able to thrive in a fast paced, open, Agile environment. Our technology environment includes Python, OWASP, SAST, DAST, SAML, SDLC, network security, Scripting, AJAX, Apache, SOAP, Windows, Linux, Weblogic, WebSphere, XML, Tomcat, SAS, IIS, Oracle, and SQL server.
This is a direct hire position based in Alpharetta. Great opportunity to work on challenging projects with a top notch team and take your career to the next level. Telecommuting options after you get established.
- 5+ years of application security experience
- Strong manual web application security testing experience
- Knowledge of one or more of the following: HIPAA, PCI, SOC1/2, HITRUST, and SOX audit requirements
- Knowledge of the software development life cycle in a large enterprise environment
- Knowledge of DevSecOps methods integrating security controls into the CI pipeline
- Experience performing code reviews
- Programming background (prefer Python, Java, Perl, C++, Perl, Shell)
- Understanding of various web application architectures
- Understanding of server and client side application development
- Web Services technologies like XML, SOAP, RESTful, and AJAX
- Technical knowledge in security products, cryptographic suites, authentication, and authorization
- Web Servers
- In-depth knowledge of proxying tools (prefer Paros, Burp, WebScarab, and ZAP)
- Experience with any of the commercial SAST tools (SonarQube, VERACODE)
- Experience with open source tools (prefer Whisker and Nikto
- Networking tools (prefer OpenVAS/nmap)
- Consultative personality
- Excellent communication skills
Must be authorized to work in the U.S./Sponsorships are not available