This Job Vacancy has Expired!

Application Security Assessment Lead REMOTE

Request Technology - Craig Johnson

Posted on Oct 1, 2021 by Request Technology - Craig Johnson

Not Specified, PR
IT
Immediate Start
$120k - $155k Annual
Full-Time


*We are unable to sponsor for this permanent Full time REMOTE role*

*Position is bonus eligible*

Prestigious Security Professional Services Firm is currently seeking a Application Security Assessment Lead. Candidate will join a team within a thriving company with an engineering-centric culture. Candidate will have solid experience reviewing applications for security, recommending security improvements, and performing remote and local testing of applications. Candidates will join a nimble security assessment team that emphasizes results, and provides mentorship towards autonomy while giving each team member the opportunities and support to advance in a high-impact position within our fast-moving, independent technology company.

Responsibilities

  • Meet with clients to explain offerings and gather requirements
  • Formal security assessment of mobile and web applications
  • Security review of service delivery configurations
  • On-site and remote penetration testing
  • Discover and exploit vulnerabilities in applications, APIs, systems, and protocols
  • Document, rate, and explain findings in the context of client systems and requirements
  • Communicate client-focused recommendations for remediating documented findings
  • Work with client developers to review proposed remediations
  • Candidates will be considered for position and responsibility commensurate with experience.

Qualifications

  • Experience participating in all aspects of application security assessment, including pre-sales and post-delivery discussions with clients
  • Experience validating the output of multiple tools and techniques, and synthesizing those results into actionable findings
  • Ability to communicate well in front of clients while engaged in assessment work; ability to understand complex requirements, and explain complex findings
  • Familiarity with both black-box penetration testing and white-box assessment techniques
  • Experience assessing the security of common application service delivery environments, including dedicated cloud-based platforms
  • Experience performing penetration tests against a variety of operating systems, network architectures, and services

  • 3-5 years experience performing web and mobile application security assessments

  • Proficiency with common office software packages including MS Word and Excel
  • Excellent reading, writing, and verbal communication skills
  • Proficiency with networking and testing tools including Nexpose, Metasploit, Burp Suite, nmap, Nessus, etc.
  • Detailed understanding of key application security principles
  • Excellent reading comprehension
  • B.S. Degree or equivalent work experience

Preferred Skills

  • Experience advising clients on the security aspects of public and private regulatory regimes and standards (especially HIPAA, PCI, and FISMA) as they relate to applications handling sensitive data
  • Experience working with development teams to address security issues both within the development life cycle and after testing
  • Proficiency with other common security testing tools



Reference: 1342168305

Set up alerts to get notified of new vacancies.