Web Application Security Engineer

New York, NY 10001 | Contract to Direct Hire

Post Date: 04/17/2018 Job ID: 9992 Industry: Technology

  • Location: Midtown NYC
  • Status: Contract to hire
  • Rate: Dependent upon experience

Are you an experienced Web Application Security Engineer who has previous experience working within Development? Are you looking to grow your career with a well-known company in an excellent location in New York City? Just minutes away from Penn Station!

The Web Application Security Engineer is responsible for developing and maintaining web application security scanning and risk mitigation.
  • Vulnerability assessment of web applications (sponsoring, make sure it happens)
  • Static code review (sponsoring, make sure it happens)
  • Pen testing for web app
  • Consuming output of testing (vulnerability, code review, pen test) and tracking remediation
  • Ensuring SDLC and other best practices are followed
  • Incorporating security testing to dev procedures
  • Web application firewall guidance and possibly management
  • Provide or facilitate training for developers in the following areas:
      • OWASP (Top Ten…)
      • Secure coding practices
  • Research solutions to improve app security
  • Must have prior Java Development Experience - need to sit with developers, understand development and propose solutions
  • This is a hands-on role so candidates should be experienced accordingly
  • Provide solutions
  • Scanning, running and identifying issues/threats
  • Client is currently using Fortify but is not happy with it. This person must come in with some ideas on new tools to utilize.

Additional Responsibilities:
  • Specific Knowledge, Skills and Abilities:
  • Web Application vulnerabilities (OWASP)
  • General security practices, concepts
  • Vulnerability testing
  • Static/Dynamic Code Review Methods and tools
  • Web Application firewalls
  • Secure Coding Practices
  • SDLC and security practices integration
  • HTTP Protocol
  • Application delivery (Load Balancer, Network routing)
  • Regulatory compliance requirements (e.g. PCI)
  • General programming (Java, C)
  • Web app programming (HTML, JS, CSS, XML, J2EE)
  • General knowledge on Databases
  • General knowledge of systems, OS, and Infrastructure

Preferred Education, Experience and Licenses:
  • Static, Dynamic Code scanning tools (Fortify, Whitehat)
  • Vulnerability Assessment Tools (Rapid7 Nexpose, Qualys, ZAP)
  • Experience with Programming Languages
  • Web Programming Languages (HTML, JS, J2EE)
  • General experience in E-Commerce Environment

If you are or someone you know is interested in this opportunity - it is contract to hire - please contact your dedicated IT Talon Recruiter today! Referral bonus offered and paid! Company benefits offered during contract period.

Frank Paparelli

Fun Facts: Loves Soccer, Travel buff, and Technology aficionado.

If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!
