The Application Security Lead Analyst will perform application security assessments, code reviews, and application penetration testing. This position is a great opportunity for someone with strong web application development and security skills. This is a technical hands-on role that will utilize your web application development and security skills but does not involve coding.

• Conducting web, mobile, and application security assessments, and penetration tests. The assessments involve manual testing and analysis as well as the use of automated web application vulnerability scanning/testing tools.
• Performing source code reviews using automated tools and manual analysis
• Writing a formal security assessment report for each application to determine security risk, compliance with documented security standards and remediation requirements
• Lead meetings with development teams to scope out new requests, deliver assessment results, and consult on application remediation.
• Develop standard method and process for testing following industry best practice including OWASP testing guide
• Is responsible for the execution and delivery of planned project deliverables and milestones

Qualifications/Requirements

• Bachelor Degree in Computer Science, Mathematics, Engineering or other STEM area of study preferred.
• Proven understanding of Software Security Architecture and Design
• 6+ years of professional experience
• 3-5 years of experience developing and securing web applications
• Experience performing web application security code, penetration, and analytical testing and using vulnerability testing tools.
• Experience with JavaScript, JAVA, .NET, and J2EE based applications; knowledge of PHP, IOS, and Android
• Proven experience with vulnerability assessment tools such as QualysGuard, Fortify Source Code Analyzer, WebInspect, Burp, etc.
• Experience implementing controls for web and mobile applications
• Knowledge of OWASP tools and methodologies, web application firewalls, and network security
• Strong written and oral communication skills
  

Relocation Eligible

Not Eligible for Relocation