This Job Vacancy has Expired!

Software Security Engineer - Deerfield (Great culture!)

Posted on Sep 24, 2019 by Responsive Search, Inc.

Deerfield, IL 60015
IT
Immediate Start
$85k - $100k Annual
Full-Time

We are looking for an Application/Software Security Engineer for a growing client in the Deerfield area. This is a permanentdirect hire position with salary plus benefits and Bonus potential. Great culture, growing team, with strong benefits. If you enjoy a work-hard play hard environment, you will want to look at this organization!

Duties:

  • Conduct vulnerability assessments against web applications and APIs utilizing automated tooling and manual approaches.
  • Help evolve the application security functions and services
  • Work closely with various engineering teams to establish, implement and promote security standards to properly secure applications.
  • Implement and automate static code analysis.
  • Perform regular application vulnerability assessments and lead initiatives to resolve any security flaws.
  • Automate security log collection and analysis wherever possible.
  • Establish and promote secure coding practices and general security awareness across multiple development teams.
  • Perform assessments and correlate vulnerability data, in order to quickly identify risks.
  • Produce reports on patches, exploits, and vulnerabilities.
  • Develop, schedule, and execute automated security audits on infrastructure using industry standard security frameworks and tooling.
  • Recommend and track the application of fixes, security patches, and security updates.

Requirements:

  • 2-4 years professional experience in Software Security.
  • Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security.
  • Experience writing and testing web applications and web services in programming languages like JavaScript and .NET
  • Knowledge to perform manual application source code security reviews for applications as well as some penetration testing
  • Some knowledge of Cloud environments like Azure, AWS and Google preferred
  • Any experience with Vulnerability Management a PLUS
  • Knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security.
  • Some knowledge of security tools such as intrusion detection systems, vulnerability scanners like Nessus, traffic analysis tools and packet sniffers like Wireshark, log collection and analysis like the ELK stack.
  • Knowledge of industry security standards, principles, techniques and technologies (OWASP Top 10, ISO27001, NIST etc.)
  • Familiarization with patching processes and related technologies (eg SCCM, Ivanti DSM, Patch Manager, Kaseya, Jamf Pro, ManageEngine Desktop Central, and Kenna).
  • Knowledge of and expertise with at least one of the following industry-standard vulnerability management tools. Nessus, Qualys, Nmap, Rapid7 Nexpose, Metasploit, Burp Suite, Fortify, or HP Webinspect. Preferrably Nessus solution.
  • Knowledge of metrics, and trending for vulnerability management functions a PLUS

No relocation.

Reference: 760990003

Set up alerts to get notified of new vacancies.