| Sr. Information Security Engineer || c2C || Remote at Remote, Remote, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=853725&uid= Hi All Job Title: Sr. Information Security Engineer Visas: USC/GC/EAD Direct Client: Baltimore City Office of Information Technology (BCIT) Location: Remote Duration: Long Term Job description: - The Baltimore City Information Technology (BCIT) is recruiting for an Application Security Engineer (vendor contractor role) to focus on web application vulnerability mitigation. In this role, you will be responsible for leveraging the application scanning platform to plan and execute web application vulnerability remediation. You will utilize your expertise to prioritize remediations to align with BCIT business objectives and track remediation progress with technical teams. In addition, you will work closely with the citys application development team to develop and integrate secure coding practices into our software development lifecycle and develop and provide training for our application developers. This is a challenging role in a high performing team, and an opportunity to be the citys application security subject matter expert. You will perform a technical leadership role in Baltimores continuing cyber security improvements while broadening your skills in an enterprise-wide information security program. Responsibilities: Perform city-wide web application vulnerability scanning. Prioritize the results, perform code reviews and work with the development teams on best practices to remediate. Track remediations to completion. Build strong relationships with the development teams and work with them to integrate secure coding practices into the development lifecycle. Identify patterns of findings, develop, and provide training to the citys developers based on the findings and the OWASP top 10. Schedule penetration testing against selected externally facing systems and be the interface between our 3rd party penetration test vendors and the application owner. Track all pen test findings to completion. Maintain web application inventory. Respond to notifications and alerts of potential threats to reprioritize vulnerability mitigations when necessary. Provide expertise to developers that request secure coding best practices support. Develop a secure coding curriculum for developers annual training. Monitor the progress of vulnerability remediation activities and provide metrics and regular status updates.. Basics Qualification: Bachelor's Degree or equivalent in computer engineering/science or a related technical field. 2 plus years of relevant industry experience in software development and application security. Licenses, Registrations, And Certificates: Relevant certifications (e.g., OSCP, CEH, CSSLP, CASE, GWEB, etc) preferred. Required Skills: Demonstrable coding experience in one or more general purpose languages (Java, .NET, Python, C%23, NodeJS). Experience in Web Application Firewall deployment and operation. Experience with attacks and mitigation methods; web application and browser security; security assessments and penetration testing. Knowledge of information security Risk Management Framework (RMF) methodologies. Experience working with various tools such as Kali Linux, Metasploit, Wireshark, nmap, Tenable.io, Rapid7 InsightVM, Qualys, or equivalent toolsets. Knowledge of the Azure DevOps pipeline and how to keep it secure. Knowledge of data integrity failures and what questions to ask as data is serialized and reconstructed. Knowledge of security fundamentals and information security control frameworks. Ability to be an excellent team player, self-confident, motivated, independent, and capable of working with little to no instructions. Ability to multi-task and work in a fast-paced environment. Ability to be attentive to details and proven problem-solving skills. Ability to communicate and present to stakeholders and customers (verbal and written) Keywords: information technology green card http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=853725&uid= |
| [email protected] View All |
| 08:52 PM 14-Nov-23 |