Application Security Specialist- Contract to Hire in Bethesda, MD

This job is no longer active. View similar jobs.

POST DATE 9/1/2016
END DATE 10/18/2016

Modis Bethesda, MD

Company
Modis
Job Classification
Full Time
Company Ref #
23172363.21601033
AJE Ref #
576053580
Location
Bethesda, MD
Job Type
Regular
Required Licenses/Certifications
df-aj

JOB DESCRIPTION

APPLY
span A trusted Modis client in Bethesda, MD is seeking an Application Security Specialist to join their team. This is slated as a contract to hire role, but a long term contractor would be considered if they are exceptionally qualified. br   br Compensation is commensurate with experience. br   br Duties br • Systematically address application security issues and develop secure coding practices for multiple development teams br • Integration of application authentication, encryption, authorization, and access control br • Provide mitigation strategies for applications from infrastructure, architecture, and secure coding perspectives br • Utilize application security scanning tools such as IBM AppScan to interpret reports and validate identified vulnerabilities and associated risks br •        Utilize source code scan tools such as Fortify, or Checkmarx to assist NLM application teams to apply the best practice for application security and catch potential vulnerabilities at early stage. br • Proactively work with team members to address security and compliance issues br •        Provide education and assistance to application developers for applying Security Software Development Life Cycle   br • Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle br Position Requirements br • A Bachelor’s degree in Computer Science OR related engineering field with training in software security br • Strong software engineering background with extensive experience working in complex enterprise environments implementing software development lifecycles br • Extensive experience in addressing web application security issues, such as those outlined in OWASP Top 10 br • Strong knowledge of application security throughout the software lifecycle br • Experience developing secure coding practices with Java, ColdFusion, Python/Django, and PHP br • Strong knowledge and experience in securing an application’s integration with relational database management systems such as Oracle br • Experience using Tenable Security Center and validating identified vulnerabilities br • Proven ability to ensure applications are secure throughout the software lifecycle br • Ability to perform manual and automated testing to identify vulnerabilities such (BurpSuite Pro, Fiddler, Netsparker, etc.) br • Knowledge of security in both Linux and Windows environments as it pertains to Web application hosting, middleware (Apache, Tomcat, PHP, ColdFusion, Ajax), and databases (Oracle, MySQL, MS SQL Servers) br • Demonstrated experience implementing application firewall rules (such as F5 ASM, iRules, and/or Apache ModSecurity) as compensating controls to protect Web applications br • Software Security Certifications, such as Certified Secure Software Lifecycle Professional (CSSLP) is a big plus br • Excellent communication skills including presentation and documentation. br •        Strong capability in evaluating application security related products br   br   br   br   br   br   br /span