BlackRock helps investors build better financial futures. As a fiduciary to our clients, we provide the investment and technology solutions they need when planning for their most important goals. As of June 30, 2018, the firm managed approximately $6.3 trillion in assets on behalf of investors worldwide. For additional information on BlackRock, please visit | | Blog: | LinkedIn: Job Description:. The Application Security team acts as a trusted assessor and risk advisor for the application development teams. The team comprises of junior and senior security engineers with expertise in application security and penetration testing. The team is the go-to team if one needs to get an attackers perspective on any technology. Your colleagues will be individuals who are passionate about technology and stay current with the knowledge of new attacks, vulnerabilities and security technologies. The Application Security team is a part of the Global Information Security (GIS) Team within the Technology and Operations umbrella. The team interacts with the numerous Software Development teams in issues as they relate to application security.. Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly-effective in the role. These skills and competencies include:. * Network and application Penetration Testing experience. Strong manual code review skills in Java, C/C++. Python, Perl. Understand essentials of cryptography, operating systems, network security, application security such as understanding of gcc, Java, Perl and Python. Familiarity with tools such as Veracode, Fortify, Contrast, CheckMarx, Coverity, FindBugs, BurpSuite, Kali Linux etc.. Understanding of security of web applications, thick-client applications, RESTful web services, virtualization, docker, kubernetes, etc. Proficiency in English for written and verbal communication. Ability to multitask and be able to juggle different tasks with ease. Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:. Bachelor's Tech/Master's Tech in Computer Science, Information Security, or a related field. 4+ years of work experience as source code reviewer or code analyzer. 4+ years of security, in an Application Risk Analysis or Information Security role. Relevant certifications are a plus (e.g., OSCP, OSCE, OSEE, SANS Certifications). BlackRock is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.. BlackRock will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the law, including any applicable fair chance law.. Glassdoor has millions of jobs plus salary information, company reviews, and interview questions from people on the inside making it easy to find a job that's right for you.