This job has closed.

INSPYR Solutions · 1 month ago

Application Security Analyst/Engineer

United States

Full-time

Remote

Senior Level

$60/hr - $85/hr

5+ years exp

INSPYR Solutions is a national expert in delivering flexible technology and talent solutions. They are seeking an Application Security Analyst/Engineer responsible for analyzing the security of web applications and services, guiding technology evaluation, and implementing security measures.

Information TechnologyProfessional ServicesStaffing Agency

No H1B

U.S. Citizen Only

Responsibilities

Perform black-box and white box security testing on web applications and web services, including web application penetration testing

Integrate security testing tools into the quality assurance process

Perform code reviews with the software engineering team and identity common coding flaws

Conduct vulnerability analysis of software patches and updates and prepare vulnerability analysis reports

Conduct threat modeling and document software attack service elements

Conduct risk analysis of applications and systems undergoing major changes

Determine project security controls from customer requirements and develop documentation to capture them

Integrate software cybersecurity objectives into project plans and schedules

Address security implications in the software acceptance phase

Conduct trial runs of programs and software applications with software engineering

Develop software system testing and validation procedures

Determine cybersecurity measures for steady state operation and management of software

Incorporate product end-of-life cybersecurity measures

Collaborate with the InfoSec team to assess and assist in remediation of vulnerabilities

Qualification

CIA principlesRisk management processesCybersecurity principlesWeb application securitySecurity testing toolsRoot cause analysisStatic code analysisSecure coding techniquesPenetration testingCustomer interviewsRisk analysisCommunication skills

Required

US Citizen, GC Holders or Authorized to Work in the U.S

Proficient knowledge in Confidentiality, Integrity and Availability (CIA) principles and practices

Proficient knowledge in Risk management processes, models, frameworks, principals and best practices including the supply chain

Proficient knowledge in Risk acceptance and documentation

Proficient knowledge in Root cause analysis tools and techniques

Proficient knowledge in Customer and cybersecurity requirements and gathering

Proficient knowledge in Cybersecurity and privacy principles and practices

Proficient knowledge in Cybersecurity threats and their characteristics

Proficient knowledge in Cybersecurity vulnerabilities

Proficient knowledge in Defense-in-depth principles and practices

Proficient knowledge in Software engineering and software security principles and practices

Proficient knowledge in Secure coding tools and techniques

Proficient knowledge in Code analysis tools and techniques

Proficient knowledge in Web application and web service risk

Proficient knowledge in Web application and web service protocols

Proficient knowledge in Security and penetration testing principles, practices, tools and techniques

Proficient knowledge in Automated and black-box software security testing tools and techniques

Proficient skills in Performing root cause analysis

Proficient skills in Identifying systems designed without security considerations

Proficient skills in Scanning for and recognizing vulnerabilities

Proficient skills in Applying black-box software testing

Proficient skills in Designing secure test plans

Proficient skills in Communicating with engineering staff

Proficient skills in Conducting customer interviews

Proficient skills in Performing risk analysis

Proficient skills in Performing static code analysis

Preferred

Web Application Security Testing Certification

GIAC, PortSwigger

Five or more years performing web application and web service security assessments, including threat modeling, automated scanning and manual penetration testing

Equivalent professional experience