Cyber Security Engineer

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

OB RESPONSIBILITIES

Overall Purpose: Working in a team environment to provide the testing, analysis, and coordination of application security issues, supporting the development team and user base, while hardening the overall application security profile

Key Tasks

• Designing and implementation of automated security testing tools
• Performing Application level Penetration Tests
• Coordination, management, tracking, and executive level reporting of security issues identified via testing
• Triage, Research, Analysis, and Mitigation recommendations for identified vulnerabilities
• Participation in validation of software releases and hardware upgrades
• Communicate with Application Development when upgrades introduce application security issues
• Assist in efforts to further embed application security within the SDLC, specifically leveraging automation & continuous integration
• Participate in Application Security Assessments and Reviews

Minimum:

• Bachelor's Degree in Computer Science, Computer Information Systems, Cyber Security, or similar accreditation
• 1-2 years in a Software Development or Application Security role
• Experience with DAST and SAST Automated Testing Tools

Essential Experience

• Experience in Application Penetration Testing
• Functional Knowledge with DAST & SAST Testing
• Familiarity with Security Frameworks and Standards, such as: NIST, HiTrust, HIPPA, and PCI
• Understanding of the most common vulnerabilities, such as: OWASP Top 10 or SANS Top 25

Desired Experience

• Prior Use Experience of Burp Suite Enterprise for Manual, DAST Testing, and CheckMarx for SAST Testing.
• Configuration of Continuous Integration processes using Jenkins
• Build Automation using Maven/Ant/Gradle
• Front-Web Web Development experience, specifically using Javascript
• Configuration and Administration of Apache and Java environments
• Authentication Frameworks, such as: SAML, OpenID, OAuth, etc.
• Cryptography implementation
• Creation of Security Standards/Best Practices
• Securing Distributed, Cloud Based Computing Environments

*Security Certifications (CISSP, GPEN, GWAPT, GXPN, etc.) considered a plus, but not required for this role.

Technical Skills: Java, JavaScript, Security Tools, Penetration Testing, SQL, Networking, Firewalls, Reverse Proxy, Web Application Firewalls

Attributes

• Customer focus, service delivery oriented
• Strong analytical and problem solving skills
• Strong written and verbal communication skills across all levels of the organization
• Maintain a calm, rational state in situations of ambiguity and high pressure
• Understanding of computer hardware and software skills
• Ability to work with team members spread over multiple locations
• Desire to learn and seek out challenges

Job Category:

Posting End Date: