CISSP Certified Application Security Engineer-Penetration API Tester at Farmington, Michigan, USA |
Email: [email protected] |
From: Anoop, Sspearhead Inc. [email protected] Reply to: [email protected] Job Details: Job Title: CISSP Certified Application Security Engineer/ Penetration API Tester Location: Okemos, MI or Farmington Hills, MI Long Term Application Security Engineer Job Summary: Analyze and lead software designs and implementations from a security perspective, identify, and resolve security issues through the utilization of manual and automated testing. Provide appropriate security analysis, defenses, and countermeasures, at each phase of the software development lifecycle to result in robust and reliable software in alignment with information security best practices. Primary Job Responsibilities: Develops and maintains technical solutions for the ongoing improvement of Application security, as well as automating and orchestrating repetitive or manual tasks and promoting self-service. Keeps current on emerging technologies, open system standards, and management technologies as they relate to the support of our business needs. Leads operational tasks and responds to urgent requests when necessary, as well as participating in annual disaster recovery exercises and plan updates. Creates knowledge base articles and ensures they are kept up-to-date and provides operational training to partners and team members in accordance to industry standards. Leads safe and detailed security testing on applications, computers systems, and networks that are external or internal facing using manual tests and automated tools (such as: code scanning tools (dynamic/static), manual exploit testing scripts, manual application logic crawling). Demonstrates to technology and system owners how to exploit found vulnerabilities (break into) on applications and systems when they are identified to aid teams in understanding and remediating. Assists in defining and maintaining a well-rounded application security assessment program. Assist and support Senior Engineers and Architects with projects and defined deliverables. Work with internal infrastructure and platform teams to advise on risk reduction and facilitate remediation work to ensure application code is free of vulnerabilities. Minimum Qualifications: Position requires a bachelor's degree in information technology or a related field and five years' experience in information security or application development. CISSP is preferred. An Application Security certifications such as OSCP, GPEN, or GWEB is preferred. Will accept any suitable combination of education, training, or experience. Nice to have: Experience/Exposure to Aqua Security, Rapid7 Insight AppSec, Okta, Bitbucket, Experience with OAUTH and OIDC Experience with Kali testing tools Familiarity with Weblogic, Oracle database, and PostgreSQL Must Have: API Testing through the use of BurpSuite (or similar), Static Code Analysis, and Dynamic Code Analysis Experience with one or more programming languages such as Java, Python, or PowerShell Experience/Exposure to Get, BitBucket, Artifactory, Jenkins, or similar Thanks, Anoop Sspearhead Inc. www.Sspearhead.com Keywords: Michigan |
[email protected] View all |
Thu Aug 31 20:22:00 UTC 2023 |