
100% remote Job opportunity for Application Security Engineer

About this job:

Hi Samson,

Hope you are doing well.

This is “Ayush Kumar” with “Business Integra Inc”. We have the below requirement for “Application Security Engineer” with one of our clients.

Please find the job description below and let me know if you are interested or know someone who will be interested.

Job Details:

Title: Application Security Engineer

Location: 100% remote

Responsibilities:

  • Responsible for review and triage of DAST scan findings. This includes but is not limited to manually reproducing and retesting vulnerabilities identified by the enterprise web application (DAST) scanning tool, and providing effective consulting to IT partners on how to fix vulnerabilities and/or what mitigating controls can be implemented to reduce risk when vulnerabilities cannot be remediated.
  • Perform DAST report reviews to validate vulnerabilities identified and be able to manually exploit those vulnerabilities to demonstrate the risk to application owners, that they are not false positives, and ensure compliance with Enterprise Security Policies and Directives. This includes OWASP Top 10, SANS 25 software flaws, and other vulnerabilities.
  • Configure/tune Enterprise DAST scanning tool and support IT app owners in successfully running self-service DAST scans on their apps
  • Periodically run DAST scans, and execute manual DAST scans on IT applications as needed using manual tools to validate and reproduce the vulnerabilities, such as Metasploit, Burp Suite, Snort, and others
  • Support automated scanning processes to apply a risk-based approach to vulnerability prioritization and collaborate with IT partners to drive remediation efforts to meet required metrics thresholds
  • Provide technical education to IT app owners on the inner workings of how web application vulnerabilities are produced, identified, and fixed.
  • Document and report out DAST scan findings to business and IT app owners to relay risk
  • Collaborate with Corporate Security partners to develop and evolve DAST scanning program for Solar Cybersecurity
  • Provide DAST program awareness, education, and guidance about DAST tools and process best practices to IT partners
  • Provide backup support on team SAST scanning operations including but not limited to assisting IT app owners with running SAST scans on their apps, reviewing SAST scan reports, and explaining risk of vulnerabilities found
  • Provide backup support as needed on firewall rule request and implementation operational processes.
  • Ongoing Training and Certification: Cybersecurity Analysts are expected to maintain relevant certifications and grow as Cybersecurity professionals. This is accomplished through internal and external Cybersecurity training opportunities.

Minimum Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, or related field
  • 5+ years previous Information Technology and/or Cybersecurity experience
  • 2+ years previous experience with DAST scanning tools and triage

Preferred Qualifications:

  • Knowledge of secure web application architecture patterns and common vulnerabilities (OWASP Top 10)
  • Familiar with access control systems, network security, or cryptography
  • 5+ years of advanced working knowledge of Windows and Linux operating systems
  • Active CISSP certification or other relevant industry certifications (SANS, etc.)
  • Experience developing software using JavaScript, .Net, Python, Java, etc.
  • Previous experience with SAST scanning tools and triage
  • Previous experience with Risk Management frameworks
  • Previous experience with Threat Model Assessments
  • Previous experience with Project Management (Waterfall, Agile, etc.)
  • Strong analytical and problem-solving skills
  • Excellent oral and written communication skills
  • Ability to work independently and in a team environment

V/R,

Ayush Kumar  (AK)

Delivery Manager (Special Accounts) at Business Integra Inc

O: 301-474-9600 X 106 C: 240-448-6518

E: ayush.kumar@businessintegra.com W: www.businessintegra.com       

A: 6550 Rock Spring Dr., Suite # 600 Bethesda, MD 20817

LinkedIn: linkedin.com/in/ayushtyagi

  • Posted on Oct 28, 2021 Views: 194
