Job ID: JOB_ID_6172
Job Summary:
We are seeking an experienced Application Security Engineer with a focus on Penetration Testing to join our team. The ideal candidate will have a strong understanding of application security principles, experience with various security testing methodologies, and a background in development. This role involves conducting regular security tests, analyzing vulnerabilities, and collaborating with development teams to enhance the security posture of our software and systems.
Key Responsibilities:
- Schedule and perform regular application security tests.
- Conduct penetration tests on critical software and systems.
- Test changes before they go live to ensure security compliance.
- Analyze and validate identified vulnerabilities.
- Track and report on all security testing activities.
- Present security findings and recommendations to stakeholders.
- Maintain dashboards for tracking and managing vulnerabilities.
- Improve asset management processes related to security.
- Enhance threat modeling processes and documentation.
- Review source code to identify potential security flaws and duplicate issues.
- Utilize security testing tools such as Fortify, Burp Suite, and others.
- Automate security scans and integrate them with CI/CD pipelines.
- Collaborate closely with developers to implement and improve security practices.
- Support incident response activities and security investigations.
- Perform various types of security tests, including penetration testing, purple team exercises, and red team exercises.
Technical Skills and Qualifications:
- Strong understanding of internet architecture and web security principles.
- Proficiency in security testing methodologies (SAST, DAST, SCA, OWASP Top 10).
- Ability to verify vulnerabilities and perform manual security testing.
- Familiarity with security platforms such as Checkmarx, AppScan, Fortify, and Veracode.
- Experience with web services, JSON, and API testing.
- Skilled in conducting vulnerability assessments and communicating security issues effectively.
- Proficient in programming languages including .NET, C, C++, Java, and Python.
- Knowledge of Object-Oriented Programming (OOP) concepts.
- Experience with JavaScript frameworks like Node.js and React.js.
- 1-3 years of web development experience (HTML, ASP, ColdFusion, JSP, Node.js, React).
- Knowledge of pipeline integration and source code management tools (Jenkins, GitHub, etc.).
- Experience with relational databases (SQL Server, MySQL) and the ability to write and understand SQL queries.
- Basic knowledge of Microsoft Azure cloud services.
- Experience with penetration testing tools and techniques.
- Familiarity with development environments and debugging tools.
Experience Requirements:
- 4-6+ years of experience in application security, penetration testing, or a related field.
- Some experience in software development is required.
Education Requirements:
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Employment Type:
Contract (6+ Months)
Location:
Fort Mill, SC (Onsite from Day 1)
Special Requirements:
Onsite day 1
Compensation & Location:
Salary: $70 – $90 per year (Estimated)
Location: FORT MILL, SC
Recruiter / Company – Contact Information:
Email: itkumar.s@kksoftwareassociates.com