Information Security Engineer

Company Description

At Altisource (NASDAQ: ASPS) we build world-class technologies and services for the mortgage and real estate industry and are well poised to help revolutionize how homes are bought, sold, and managed. In the US, we partner with 7 out of the top 10 mortgage servicers, operate one of the top three real estate auction websites, and manage a cooperative which represents a 15%+ market share of the $1.8tn US Originations market.

Job Description

Responsibilities

• Conduct vulnerability assessments for all types of applications, systems and networks.
• Communicate security vulnerabilities and corrective actions to various internal groups and validate remediation.
• Performing code reviews to find vulnerabilities and fix errors overlooked in the development phase.
• Identify security risks in the software development and deployment process.
• Utilize commercial and open source vulnerability assessment tools.
• Perform manual verification of vulnerabilities – reduction of false positives.
• Create assessment reports and present them to management and technology professionals.
• Develop metrics for tracking and analyzing vulnerability information.
• Assist in regular penetration testing.
• Develop and maintain internal tools and task automation using AI
• Stay current on information security threats.
• Train security team members on vulnerability management process and tools.

Qualifications

Required Qualifications & Certifications:

• Bachelor’s degree in Engineering, Computer science or equivalent
• 3 to 5 years experience.
• Possess certification/s related to Vulnerability Assessment such as GIAC, CEH.
• Must possess excellent written and verbal communication skills.
• Hands-on experience with performing network vulnerability assessments.
• Hands-on experience with performing Application scans and code reviews of application codes developed in various technologies.
• Knowledge of OWASP tools and methodologies
• Competency with network security and information security concepts and technologies.
• Thorough knowledge of the Windows OS as well as Linux and Unix variants.

Preferred Qualifications:

• Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
• Experience with web application vulnerability scanning tools (, HP Webinspect, , Burpsuite Pro)
• Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
• Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
• Experience presenting to or training technical audiences a plus.
• A technical writing experience and/or web development tools is a plus.