LivWell Enlightened Health
3 days ago Be among the first 25 applicants
Enlightened, Inc.
is seeking to hire a Sr. Security Engineer. The Security Engineer will work with development teams to carry out Application Security reviews and compliance guidelines. This role ensures that adequate and effective security processes, controls, and lifecycles are followed and aligned to deliver application security best practices and frameworks in order to follow the security policy and regulatory requirements. The Application Security Engineer supports the information security and compliance program, establishing appropriate assessments, managing and tracking risk mitigation and remediation activities.
Duties And Responsibilities
Perform threat modeling, vulnerability analysis, penetration testing, code review, and SDLC support
Provide expert advice and consultancy to customers on risk assessment, threat modeling and fixing vulnerabilities.
Design, implement and support security-focused tools and services.
Write technical reports (e.g. based on findings, System Security Plans)
Identify security vulnerabilities in applications
Offer solutions to discovered vulnerabilities
Suggest secure design techniques to management and customers to improve application security posture
Prepare reports on project progress and present results to the customer and management
Maintain current knowledge of relevant vulnerabilities and mitigation techniques
Perform comprehensive code reviews
Provide consultancy for Product development, Engineering & Operations team on technical security issues and remediation.
Required Skills
7+ years of experience in Cyber Security.
3+ years of experience in application security.
Working knowledge of NIST 800-53 rev. 4
Experience in vulnerability testing and auditing
Prior code audit / application penetration testing
Knowledge of secure development practices and techniques (e.g. OWASP Top Ten)
Knowledge of and experience working with common Application Security Tools (e.g. Fortify, AppScan, WebInspect)
Knowledge of security flaws and its resolution as listed in sites like OWASP, SANS, etc.
Well versed with common web application and cloud security flaws and exploitation techniques as put forth by sources such as the SANS, OWASP Top 10 and Cloud Security Alliance (CSA)
Desired Skills
Experience as a .Net or Java developer.
Languages experience: Java/C#, T-SQL, JavaScript, HTML
Experience and knowledge of industry IDS/IPS, logging, vulnerability, monitoring, firewall technology, wireless security, Anti-virus protection, OS patching, data loss prevention and SIEM technology and solutions
Nice to have one or more of following Certification(s): GIAC Certified Web Application Defender (GWEB), GIAC Secure Software Programmer-Java (GSSP-JAVA), GIAC Web Application Penetration Tester (GWAPT), Certified Ethical Hacker (CEH), Certified Secure Software Lifecycle Professional (CSSLP)
Enlightened, Inc. is an Equal Opportunity Employer
#J-18808-Ljbffr
Enlightened, Inc.
is seeking to hire a Sr. Security Engineer. The Security Engineer will work with development teams to carry out Application Security reviews and compliance guidelines. This role ensures that adequate and effective security processes, controls, and lifecycles are followed and aligned to deliver application security best practices and frameworks in order to follow the security policy and regulatory requirements. The Application Security Engineer supports the information security and compliance program, establishing appropriate assessments, managing and tracking risk mitigation and remediation activities.
Duties And Responsibilities
Perform threat modeling, vulnerability analysis, penetration testing, code review, and SDLC support
Provide expert advice and consultancy to customers on risk assessment, threat modeling and fixing vulnerabilities.
Design, implement and support security-focused tools and services.
Write technical reports (e.g. based on findings, System Security Plans)
Identify security vulnerabilities in applications
Offer solutions to discovered vulnerabilities
Suggest secure design techniques to management and customers to improve application security posture
Prepare reports on project progress and present results to the customer and management
Maintain current knowledge of relevant vulnerabilities and mitigation techniques
Perform comprehensive code reviews
Provide consultancy for Product development, Engineering & Operations team on technical security issues and remediation.
Required Skills
7+ years of experience in Cyber Security.
3+ years of experience in application security.
Working knowledge of NIST 800-53 rev. 4
Experience in vulnerability testing and auditing
Prior code audit / application penetration testing
Knowledge of secure development practices and techniques (e.g. OWASP Top Ten)
Knowledge of and experience working with common Application Security Tools (e.g. Fortify, AppScan, WebInspect)
Knowledge of security flaws and its resolution as listed in sites like OWASP, SANS, etc.
Well versed with common web application and cloud security flaws and exploitation techniques as put forth by sources such as the SANS, OWASP Top 10 and Cloud Security Alliance (CSA)
Desired Skills
Experience as a .Net or Java developer.
Languages experience: Java/C#, T-SQL, JavaScript, HTML
Experience and knowledge of industry IDS/IPS, logging, vulnerability, monitoring, firewall technology, wireless security, Anti-virus protection, OS patching, data loss prevention and SIEM technology and solutions
Nice to have one or more of following Certification(s): GIAC Certified Web Application Defender (GWEB), GIAC Secure Software Programmer-Java (GSSP-JAVA), GIAC Web Application Penetration Tester (GWAPT), Certified Ethical Hacker (CEH), Certified Secure Software Lifecycle Professional (CSSLP)
Enlightened, Inc. is an Equal Opportunity Employer
#J-18808-Ljbffr