Application Security Engineer
Okemos, MI
12 months
Must be a Citizen
Phone and Skype is fine
Primary Job Responsibilities:
Develop and maintain technical solutions for the ongoing improvement of Application Security as well as automating and orchestrating repetitive or manual tasks and promoting self-service.
Maintain an understanding of all current and emerging technologies, open system standards, and management technologies as they relate to the support of our business needs.
Provide accurate analysis of business requirements and, in conjunction with the Architecture and Engineering teams, develop solutions to fulfill them, being the main point of contact for client and stakeholder communications.
Perform operational tasks and respond to urgent requests when necessary as well as participating in annual disaster recovery exercises and plan updates.
Create and contribute to knowledge base articles and ensure they are kept up-to-date and provide operational training to partners and team mates in accordance to industry standards.
Perform on-going security testing, code reviews, and work with developers to remediate vulnerabilities and minimize the corporate risk profile.
Perform other related assigned duties as necessary to complete the Primary Job Responsibilities as described above.
Minimum Qualifications:
Position requires an associate’s degree in information technology and 5 years’ related work experience with Application Security development and testing
Preferred candidates will have Application Security certifications such as OSCP, OSCE, GPEN, or GWEB. Any suitable combination of education, training, or experience is acceptable.
Position requires knowledge in information security principles and practices, windows and Linux server administration with emphasis on authentication methods such as OAUTH and OIDC.
Experience with Active Directory, LDAP, E-Directory, Multi-factor, Single Sign On, Certificate based authentication methods, PAM, and credential management.
An ideal candidate will also possess experience or knowledge with industry standard tools such as Vault or SecureAuth.
Possess experience with one or more programing languages such as Java, Python, PowerShell, and Xpath.
Experience with common version-control systems and deployment platforms such as Get, BitBucket, Artifactory, and Jenkins.
Familiarity with Oracle Weblogic or Oracle Database servers.
Experience with Application Security testing tools such as BurpSuite, Zap, Fiddler, Postman, Kali Linux or equivalent tools.