ZipRecruiter

Application Security Engineer

Pyramid Consulting, Inc Dallas, TX
  • Employment Type Other
Immediate need for a talented Application Security Engineer. This is a 12+ month contract opportunity with long-term potential, located in Dallas, TX. Please review the job description below.

Job ID: 19-32331

The Application Security Engineer will be a part of the Cybersecurity Team focused on general application security, DevSecOps principles, and code quality. The Cybersecurity Team works with application development teams to ensure technology security and vulnerabilities are addressed and remediated throughout the system development life cycle (SDLC).

Key Responsibilities and Requirements:
  • 5+ years in application penetration testing.
  • 5+ years in software development.
  • Ability to work in a highly collaborative and dynamic, cross-functional team.
  • Conduct application security assessments and penetration tests (web, mobile, web service, etc.).
  • These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools and/or code review tools.
  • Perform threat models and risk assessments to characterize the risk and severity posture of large-scale commercial or in-house enterprise applications.
  • Experience programming and scripting and ability to develop or adapt custom tooling to solve new needs.
  • Experience performing baseline static/dynamic application security assessments (SAST/DAST) on new applications and changes to applications.
  • Write security assessment and application threat profile reports.
  • Maintain partnerships with application development teams and participate in corrective action plans for identified issues.
  • Articulate risk and business impact to stakeholders.
  • Provide on-the-job training and mentoring to other members of the team.
  • Track and research the latest developments in vulnerability research.
  • Strong understanding of vulnerabilities, common attack vectors, and how to resolve them.
  • Attacker mindset: ability to think about creative threats and attack vectors.
  • Well-rounded background in host, network, and application security.
  • Familiarity with cloud platforms (preferably AWS).
  • Experience with Agile practices such as Scrum, Kanban, CI, and CD.
Preferred but not required:
  • DevSecOps knowledge of areas such as tools/capabilities, monitoring, scripting, and metrics preferred.
  • Experience delivering secure application development and application security testing training.
  • Familiarity with the OAuth 2.0 and OpenID Connect protocols.
  • Working knowledge of industry and commonly adopted secure standards and practices (e.g. applicable NIST standards, CIS, ISO, OWASP, SANS, BSIMM, and CERT).
  • Certifications (Certified Ethical Hacker (CEH), GIAC Penetration Tester (GPEN), GIAC Certified Forensic Examiner (GCFE)) and training in hands-on exploit development are a plus.
  • Administration experience with any of the following: Nessus, Rapid7, Burp Suite, Metasploit, and other scanning and analysis solutions.
  • Airline or travel industry experience is a bonus.
Our client is a leader in the airline industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration.

Posted: over a month ago
