Web Application Security Engineer

Access Talent Today, LLC - Irvine, CA

Job Description:

Our client is looking to add an Application Security Engineer to their IT Operations Team. As a Web Application Security Engineer, you will be a key liaison between the software development teams and the security team - making sure the developers stay on top of their game for creating secure code, reviewing and testing code and builds from a security perspective, and following up on findings. In this fast-paced environment with multiple teams, you won't be chained to your desk, but have the opportunity to interact with people working on all aspects of our business.


Requirements:

  • An understanding of PCI Compliance and EU GDPR Requirements
  • Familiarity with SQL Server Administration and Queries
  • Knowledge of common scripting and application development languages (e.g. PowerShell, C#, Python, T-SQL etc.) and/or the ability to learn as required
  • The ability to provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex high profile projects
  • An understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance
  • A general understanding of security fundamentals and general security technologies, including operating systems, network security (firewalls, VPNs, etc.), security event management, business continuity, physical security, identity management, directory services, etc.
  • Deep knowledge of OWASP Top 10 (2013 and/or 2017 Version) vulnerability detection and mitigation
  • Familiarity with security of LANs, WANs, Firewalls, VPN, MPLS and related Network Applications
  • Knowledge of Active Directory, DDNS, Group Policy, Microsoft Windows Server and Desktop operating systems
  • Knowledge of Linux based Operating Systems, Logging and Troubleshooting
  • A strong work ethic, including consistent documentation
  • The ability and a strong desire to work in fast paced, rapidly changing environment
  • Experience with application and network security
  • Experience with various tooling in the Application Security space
  • Experience identifying, assessing, and remediating technical security vulnerabilities
  • Knowledge of IT/Information Security Audit and assessment
  • Knowledge of PCI DSS and EU GDPR
  • Knowledge researching, analyzing and recommending information security solutions
  • Knowledge of/experience in Key Management Administration for encryption keys and secrets
  • A working knowledge of information security practices and concepts including intrusion detection/ prevention, access controls, risk analysis, vulnerability scanning, and data encryption
  • 3-5 years experience in information systems as a system administrator, application developer, or network administrator with at least two of those with direct information security duties
  • A Bachelor’s Degree in Information Technology, Information Security, Computer Science, or related field
  • An advanced industry certification, e.g. SANS GIAC (CEH - Certified Ethical Hacker or GXPN - Exploit Researcher and Advanced Penetration Tester, are preferred), Offensive Security Certified Professional (OSCP), CompTIA Security+, or CISSP are all pluses.


Softskills:

  • Working in a fast paced environment
  • Having an Agile mindset and being accountable for my role in the business
  • Producing quality work error free
  • Having the opportunity to collaborate with peers
  • Open and honest communication with the best interests of the business in mind
  • Teamwork


Posted On: Wednesday, August 8, 2018



Apply to this job
  • Additional Information