
Security Software Engineer (W2 / 1099 Only)
Location: US-DC-Washington

Required Public Trust Clearance.

Job Description:
  • Security engineer to test, advise and consult on application security for internal and external web systems and applications.
  • Verify findings as needed with application development team
  • Perform manual source code review for security vulnerabilities
  • Write formal security assessment report for each application
  • Perform bug hunting/penetration testing, threat modeling, risk analysis and thorough reporting to Security, Dev and Ops teams
  • Identify and remediate XSS, CSRF, SSRF, RCE and other attack surfaces
  • Demonstrated ability to meet deliverables, timetables, and deadlines.
  • Knowledge of current and emerging security and information technology standards and practices.
  • Experience conducting vulnerability assessments and articulating security issues to technical and non-technical audience.
  • Other activities to ensure performance and the information security program
Security Software Engineer Requirements:
  • Hands-on experience working with application security in the realms of smoke testing, error handling, static code analysis, pre-commit hooks, attack mapping, container security, continuous monitoring, authentication, session management and dependency mapping, as well as penetration test tooling like Burp Suite, Metasploit and WebInspect
  • Vulnerability Management, Threat Vector Analysis, Intrusion Detection and Prevention, Incident Management and Response, Web Application Security, Risk Assessment and Mitigation Methodologies
  • Proficiency in building and automating efficient and effective scripts from scratch with languages such as Python, Node.js, sh, Perl, etc.
  • Experience applying knowledge of information security concepts and theories through technical and non-technical methods.
  • Solid understanding of cyber security threats, risks, vulnerabilities, and attacks, giving insight into threat actor motives, capabilities, and techniques.
  • Experience with WebInspect, AppScan Source, Fortify, Veracode, Sonatype or Black Duck platform
  • Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected.
Skills and Competencies:
  • Understanding of web service technologies such as XML, JSON, SOAP, and REST
  • Thorough understanding of security methodologies and frameworks like SSDLC, MITRE ATT&CK, NIST CSF and OWASP Testing Guide v4
  • Strong coding skills in multiple common languages such as C#, Python, Ruby, Perl, Go, PHP and SQL and working knowledge of network and web related protocols TCP/IP, UDP, IPSEC, HTTP/S and BGP
  • Identify and remediate XSS, CSRF, SSRF, RCE and other attack surfaces
  • Security compliance regimes: NIST, PCI-DSS, ISO 27000, CIS, etc.
  • Background in J2EE, web frameworks, and .NET is a plus

Evurge Solutions
