Job Details

Information Security Engineer

ARLINGTON-22210, VA, US
09/10/2018

-


Required Skills

    PHP
Company

Infinity Consulting Solutions, Inc

Experience

-

Job Description

Information Security Engineer

Responsibilities:

The information security team is responsible for managing security tools, security initiatives & programs, and mitigating risks faced.

This is a highly technical, hands-on role that requires a wide and deep experience in the technical aspects of security as well as the soft skills needed to move at the speed of business.

This position requires practical knowledge of web application security, vulnerability assessment tools, secure coding methodologies, and data privacy & protection.

Maintain, Configure, Support and Administer Web Application Scanning tools

Perform vulnerability assessment of internal and external applications via automated and manual techniques

Direct and consult with development teams in the remediation efforts of security findings and explain risk and trade-offs in differing methods of remediation

Interface with external security services to receive, triage, and resolve vulnerabilities

Conduct or manage penetration testing, in which simulated attacks on the systems are highlighted to find any weaknesses that might be exploited by a malicious party

Work with technical and non-technical teams to define and document application security requirements vulnerability validation and manual source code reviews

Required:

Bachelor’s degree from an accredited university required, Computer Science program strongly preferred

4+ years of experience as an engineer, implementing and monitoring security measures for the protection of computer systems, networks and web applications

4+ years of experience identifying and defining web application security vulnerabilities

Desired Certification in Information Security - CISSP, CISM, CEH, GPEN, GWAPT

Experience with the following Web Assessment tools such as: Contrast, Veracode, Fortify, WebInspect, BURP Suite PRO, SoapUI

Familiarity with Security technologies, including authentication/access control mechanisms, encryption, penetration testing, Source Code Analysis and Web Vulnerability
Assessment

Have hands on experience resolving web application vulnerabilities

Thorough understanding of the latest security principles, techniques, and protocols

Experience with data stream and data messaging services, including syslog, web API Get calls, JSON, etc.

An understanding of ethical hacking methodologies, Secure Coding, frameworks, and industry resources, e.g. OWASP, NIST publications, SANS/CWE

Working knowledge of network protocols and Wintel/Linux/Unix system internals and transport protocols (TCP, TLS, HTTP/S, UDP)

Demonstrated In-depth knowledge and understanding of computer applications to demonstrate proficiency with development frameworks& languages (Java, NET, C/C++, C#, PHP etc.)

Ability to conduct Manual Source Code Security Analysis of developer source looking for coding flaws and errors for remediation

In addition, the ideal candidate must have strong communication and problem-solving skills.

Must be able to build and maintain relationships with varying levels of management within all departments.




Security Architect
Information Technology

No Preference
FullTime Job
Other
1

Candidate Requirements
-
Bachelors

Walkin Information
-
-
-

Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US
-