Application Security Consultant

Long Finch Technologies

Chicago, IL

Posted On: Jun 21, 2024

Posted On: Jun 21, 2024

Job Overview

Job Type

Full-time

Experience

6 - 12 Years

Salary

$120,000 - $140,000 Per Year

Work Arrangement

On-Site

Travel Requirement

0%

Required Skills

  • Application Security
  • SDLC
  • TCP/IP
  • SQL
  • Security Testing
Job Description
Roles and Responsibilities
  • Deliver Application Security services, including but not limited to Application Security Assessments for various application types (web, mobile, IoT, thick client).
  • Threat Modeling, Source Code Reviews, Application Architecture Reviews, Secure Development Training, and Secure SDLC Implementation
  • Author assessment deliverables that are tailored to both technical and managerial audiences and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies
  • Contribute to Application Security research projects
  • Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients
  • Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry.
  • Foster client relationships by providing support and information
 
Required Skills/Qualifications
  • Comprehensive understanding of the different stages of vulnerability remediation in different operating environments
  • Demonstrated ability to remain current on vulnerabilities and research trends in the information security industry
  • Proven ability to communicate technical issues to technical and non-technical audience, ability to work effectively as part of remediation teams
  • Knowledge of WSAC, CWE or other security testing frameworks
  • Experience with Application Security tools such as Veracode, Burp suite, HP Web Inspect etc
  • Knowledge of web based vulnerabilities (e.g. SQL injection, cross-site scripting, etc.)
  • Knowledge and understanding of application deployment model: design, implementation, and maintenance
  • Knowledge and understanding of application security planning and security architecture
  • Knowledge and understanding of full life cycle application development
  • Knowledge of TCP/IP and related concepts, solid understanding of Governance, Risk and Compliance and a solid understanding of at least one programming language.

Job ID: LF240268

Posted By

Andy

HR Manager