Senior Application Security Testing Engineer

19 May 2024

Vacancy expired!

We are Global Information Technology Solutions and Services provider, with offices in USA, UK, Switzerland, Poland, India, Singapore, Malaysia, Colombia and Hong Kong with our head office in New JerseyInc. 500 & 5000 Honoree Company for 2012,2013,2014,2015, 2016 , 2017 & 2021Ranked No. 270 on the 2012 Inc. 500 List2012, 2016 , 2017 and 2021 NJ 50 Fastest Growing CompaniesOur direct client, a Global Investment Bank is looking to hire a

Senior Application Security Testing Engineer in

Raleigh, NC.

Skills:
  • A proven track record of overall 5+ years of relevant experience in Application Security Testing, Application Development or Information Security.
  • Professional understanding of IT security, application security technologies, and threat modeling concepts.
  • Detailed understanding and proven experience with common security libraries, security controls, security flaws and remediation planning / delivery.
  • Hands on experience with AST solutions (SAST, IAST, DAST) and vulnerability analysis.
  • Equivalent experience with implementing security controls in the CI/CD pipeline.
  • Development experience in one or more languages (Java, .Net, etc.) in a production environment.

Job Description:
  • Develop and enhance the Application Security Testing (AST) service within the DPAS team, part of ESS.
  • Designing of end-to-end processes, implement and roll-out AST solutions and services (e.g., security controls within the CI/CD pipeline). This includes integration with other products/process/services, preparing workflows, automations, defining requirements for implementation and operational teams, and the creation and maintenance of AST documentation.
  • To engage as the Subject Matter Specialist with divisional partners and application development teams to address technical integration issues and vulnerability remediation.
  • Develop creation of security training and enablement throughout the organization.
  • Development, integration and enhancement of application security metrics and reporting.