Sr. Application Security Engineer
Apply NowCompany: Bridge Tech
Location: San Francisco, CA 94112
Description:
Company Description
Job Description
We need a resource who has experience working within a Vulnerability Management Program that understands Application Security with 5-7 years of security experience.
Experience with any of the following commercial application scanning tools such as Acunetix, IBM's AppScan, Client's WebInspect, NTOSpider, Cenzic's Hailstorm, Burp Suite Professional
Understanding of Web Services technologies such as XML, SOAP, and AJAX
Understanding of various web application frameworks such as ASP.NET, J2EE, Zend
Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat
Experience in application level attacks, bypassing firewalls, evading intrusion detection
Experience building automated tool sets or expanding existing toolset libraries
Secure code review experience using automated toolsets
Software Engineering career experience
Following Certifications: CISSP, CEH, GWAPT, GPEN, OSCP
Thorough understanding of software vulnerabilities
Knowledge of OWASP Top 10, SANS Top 25, CWE, WASC
Ability to demonstrate understanding of vulnerability remediation
Familiarity with malicious code identification and common hacker attack techniques
Ability to research and reproduce vulnerability exploitation
Understanding of advanced cryptographic concepts.
Ability to demonstrate manual testing experience including all of OWASP Top 10.
Qualifications
Skills Required
Excellent problem solving and analytical skills
Superior oral and technical writing communication skills
Independence, self-managed, and motivated
Knowledge of the Software Development Lifecycle in an enterprise environment
Programming experience in two of the following languages: C#, Java, Python, Ruby
Additional Information
All your information will be kept confidential according to EEO guidelines.
Job Description
We need a resource who has experience working within a Vulnerability Management Program that understands Application Security with 5-7 years of security experience.
Experience with any of the following commercial application scanning tools such as Acunetix, IBM's AppScan, Client's WebInspect, NTOSpider, Cenzic's Hailstorm, Burp Suite Professional
Understanding of Web Services technologies such as XML, SOAP, and AJAX
Understanding of various web application frameworks such as ASP.NET, J2EE, Zend
Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat
Experience in application level attacks, bypassing firewalls, evading intrusion detection
Experience building automated tool sets or expanding existing toolset libraries
Secure code review experience using automated toolsets
Software Engineering career experience
Following Certifications: CISSP, CEH, GWAPT, GPEN, OSCP
Thorough understanding of software vulnerabilities
Knowledge of OWASP Top 10, SANS Top 25, CWE, WASC
Ability to demonstrate understanding of vulnerability remediation
Familiarity with malicious code identification and common hacker attack techniques
Ability to research and reproduce vulnerability exploitation
Understanding of advanced cryptographic concepts.
Ability to demonstrate manual testing experience including all of OWASP Top 10.
Qualifications
Skills Required
Excellent problem solving and analytical skills
Superior oral and technical writing communication skills
Independence, self-managed, and motivated
Knowledge of the Software Development Lifecycle in an enterprise environment
Programming experience in two of the following languages: C#, Java, Python, Ruby
Additional Information
All your information will be kept confidential according to EEO guidelines.