Affinity Staffing has an exciting opportunity for an Application Security Engineer. You will be the key point of contact as the interface between software developers and the Security team.
Your mission is to ensure the security of applications by working with software developers to build secure systems, by prioritizing and tracking security issues identified at the application layer, and by monitoring the security of applications in a global production environment.
Performing code and design reviews of all internal and external software products
Developing and implementing automated tests to enforce security standards
Developing a security training and education program for software developers
Designing application-level metrics and monitoring to detect abuse
Ongoing monitoring of production applications and investigation of anomalous activity
Ensuring that issues identified are appropriately prioritized and addressed in future product releases
Prioritizing and tracking application security issues across the company
Working with software engineering teams to ensure timely resolution of issues
Analyzing issue metrics to surface patterns
Identify, highlight, and provide application security recommendations during requirement and design reviews
Track open issues and follow up with different teams to address the open issues.
Experience and Skills :
B.E Computer Science / Information Systems or related field or equivalent experience
5 plus years of experience as a developer or in application security.
Strong programming background
Experience with Angular, Java, .Net, ASP.Net MVC, Entity Framework, Hibernate, Spring, Web Services (SOAP / WSDL or ReST / WADL), WCF
Knowledge of authentication mechanisms like SAML, OAuth, etc.
Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc.
Experience in secure application programming, code reviewing, and penetration testing web based applications (Veracode, TFS, WebInspect, Qualys, F5 ASM)
Experience in security testing mobile applications
Ability to work effectively with technical and non-technical personnel in a cross-functional setting
Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments
Identify security risks and develop solutions to eliminate or minimize risks
Knowledge of software design, software and network architecture, protocols, and standards
Excellent verbal and written communication skills
ISC2 (CISSP, CSSLP) and GIAC (GWAPT, GSSP-.NET / JAVA, GWEB) certifications desirable
Analysis : Identify and understand issues, problems, and opportunities; compare data from different sources to draw conclusions.
Communication : Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
Exercising Judgment and Decision Making : Use effective approaches for choosing a course of action or developing appropriate solutions;
recommend or take actions that are consistent with available facts, constraints, and probable consequences.
Technical and Professional Knowledge : Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-
related areas; remain current with developments and trends in areas of expertise.
Building Effective Relationships : Develop and use collaborative relationships to facilitate the accomplishment of work goals.
Client Focus : Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.
Ability to travel to the US on an occasional basis, including for an extended time for training.
About Affinity Staffing :
Affinity Staffing is a full service Information Technology agency that takes a unique approach to recruiting. We believe recruiting is about creating long term relationships that foster a mutually beneficial partnership -
an affinity. Bringing a new style of recruiting founded on four core principles Transparency Flexibility Efficiency Agility.
For more information on Affinity Staffing, please visit www.affinitystaffing.ca