Applications Security Analyst

Job Overview
Our client in the Elizabeth area of NJ has an excellent opportunity for an Applications Security Analyst! 
 

Responsibilities:

  • Perform dynamic vulnerability analysis of web applications and infrastructure components to reduce the security risk to the organization.
  • Craft custom proof of concept application exploits using testing tools and frameworks or scripting exploits in Python, Perl, JavaScript, Shell scripting, etc.
  • Research new and emerging threats and incorporate test vectors for detection.
  • Write reports including recommendations, root cause analysis, security summary analysis, and project roadmaps.
  • Communicate to development teams and senior managers vulnerabilities.
  • Create and deliver knowledge sharing presentations and documentation to developers and operations teams.
  • Learn on the job and explore new technologies with little supervision to identify new and emerging security threats.
  • Help drive design decisions based on known vulnerabilities.

 

Requirements:

  • Bachelor’s Degree in Computer Science.
  • Requires a minimum of 4 years technical work experience analyzing and decomposing application architectures to identify security gaps as well as experience in threat modeling.
  • Prefer one of the above years in web application penetration testing experience.
  • SANS Web Penetration Testing Certifications.
  • Application security tools such as:  HTTP and TCP proxies, fuzzers, scanners, debuggers, simulators, etc.
  • Common vulnerabilities in the OWASP top 10 list.
  • Protocols/technologies such as SOA, HTTP, SSL, LDAP, JDBC, Servlet/JSP, SQL, HTML, XML.
  • Java Application and Java Application Server administration/tuning.
  • Amazon Web Services (AWS) and/or VMware vCloud and/or Docker.
  • Ability to understand software design algorithms.
  • Strong knowledge of one or more of the following programming languages:  Java, C#, C, C++, SQL is preferred.
  • Ability to write scripts in languages such as Python, BASH, or PowerShell for automation preferred.
  • Ability to read and debug code preferred.
Job Detail
Shortlist Never pay anyone for job application test or interview.