Currently seeking Jr to Mid level Application Security Engineers. The Application Security Engineer will work closely with product and software development teams to threat model, vulnerability scan, identify required control points in the application stack, and pen test early software.
• Possess a restlessness and desire to break and break into things.
• Proficiency with basic Linux systems privilege and permission models, admin and operational concepts, and basic scripting.
• Basic understanding of orchestration and automation tools including at least one of Ansible, Chef, Puppet, Terraform or Saltstack.
• Knowledge of common attacks and vulnerabilities including OWASP Top 10 and SANS CWE 25.
• Familiarity with attack tools such as Metasploit, Burp Suite, Fuzzing, Gauntlt, Kali Linux and similar tools.
- Participate, champion and help ensure security throughout the software life-cycle.
- Work with teams to formulate and implement a strategy for software security that is tailored to the specific risks facing the application, software, and environment including: Secure Design Consulting, Secure Coding Consulting & Threat modeling