103 applicantsPosted by Agency

Company

Original Job Post

Vertex Solutions Inc. · 2 days ago

Application Security Specialist

United States

Contract

Remote

Senior Level

4+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ConsultingInformation Technology

Hiring Manager

Tammi Heiney

Insider Connection @Vertex Solutions Inc.

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Ethically hack the wide range of internally developed products.

Participate in Red and Purple Teaming activities.

Assist with Threat Modelling and product design security reviews.

Investigate possible issues in a FedRAMP production environment and assist in ensuring its secure configuration with our SRE and DevSecOps teams.

Consult on security best practices across our Engineering, Cloud, SRE, DevOps and Product management groups to achieve end to end security for our products.

Collaborate with the application development teams to ensure a common and shared understanding of any security issues.

Help develop internal security standards and policies.

Mentor & train peers in advanced security testing, tools, and automation.

Review and understand results from SCA, SAST, DAST and other vulnerability scanning tools.

Research and advise on usage of the latest tools and techniques to ethically hack and defend applications.

Maintain awareness of the latest security trends and zero-day findings.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Security experienceEthical hackingPenetration testingBug bountyMainframe security testingSecurity toolingVulnerability toolkitsApplication architecturesOWASP Top 10 RisksAuthentication modelsAWS securityAzure securityGCP securityKubernetes securityContainer-based deploymentsLeading security toolingSCASASTDASTWAFDDoS protectionVirtual patchingDevSecOpsScriptingAutomationPythonBashPowerShellWorkflow enginesOWASP framework

Required

4-6 years minimum of Security Experience Required.

Proven experience in ethical hacking of web applications through penetration testing or red teaming. Bug bounty success ideal.

Experience of security testing non-web applications is highly desirable, including mainframe.

Advanced knowledge of security tooling and vulnerability toolkits.

Good understanding of application architectures designs, and the common tech stacks involved.

Full understanding of the OWASP Top 10 Risks, and how to mitigate them.

Common authentications models (SAML, OAuth, OIDC, JWT).

AWS related security and attack vectors (or Azure / GCP) essential.

Kubernetes related security and attack vectors (or other container-based deployments) useful.

Experience of leading security tooling (SCA, SAST, DAST and beyond).

Knowledge of WAF / DDoS protection options and virtual patching techniques.

Experience of DevSecOps, and the common vulnerabilities and weaknesses within the software delivery pipeline.

Experience with scripting and automation (Python, Bash, PowerShell, workflow engines or other automation systems).

Awareness of OWASP, SANS and MITRE ATT&CK frameworks.

Demonstrated ability to mentor others.

Demonstrated excellence in English communication skills in a stakeholder facing environment.

Must be self-directed, resilient, and creative.

Working knowledge of FedRAMP requirements and processes advantageous.

CISSP, CSSLP and other similar certifications can help.

Full agile scrum working experience a benefit.

Preferred

Software Engineering background useful.

Company

Vertex Solutions Inc.

Who we are: Vertex Solutions Inc.

Founded in 2001

East Brunswick, New Jersey, USA

51-200 employees

http://vertexsolutionsinc.com/

Funding

Current Stage

Growth Stage

Company data provided by crunchbase

Orion

Your AI Copilot