|Location||New York, NY|
|Date Posted||June 18, 2019|
Application Security Lead (2 Vacancies)
Start Date: ASAP / Now Interviewing
Position: Contract-to-Hire or Perm
Location: New York, NY (100% Onsite)
Client: Financial Services
Interview Process: 2-3 Rounds / Phone Screenings & F2F
- Bachelor's Degree in Information Technology, Computer Science or a related field
- 5+ years of experience designing, developing, and testing of software applications and/or infrastructure
- 3+ years of hands on security experience with AWS/Azure/GCP Cloud Architecture - Experience with writing secure and functional AWS IAM Roles, Policies, and Procedures.
- Strong experience with writing secure and functional AWS/Cloud IAM roles and policies.
- Strong Experience with building secure pipeline tools like; Jenkins, Jira, Sonatype Nexus, Veracode
- Strong Experience with secure code development using OWASP principles, static and dynamic code scanning and remediation
- Understanding of application threat modelling and Agile SDLC security practices
- Experience in developing secure code and application security standards
- Experience working with/patching open-source code/libraries
- Experience conducting application security testing and source-code reviews
- Certification in CEH, CISSP, CISM, CompTIA Security, CISSP, or GSEC (similar)
- Java, Python, .Net, node.js Development Experience required
- Build a very close working relationship with DevOps, application development and QA teams.
- Designing and delivering security training to developers
- Determine security requirements by evaluating business strategies
- Conducting system security and vulnerability analyses, penetration testing and risk assessments
- Partnering with Developers to implement security remediation's for identified weakness.
- Conduct and facilitate periodic application security awareness training and workshops
- Develop and Manage Web Application Firewall (WAF) security policies to mitigate OWASP and application security threats,
- Create and maintain Application Security policies including secure coding policies, procedures and standards, coding standards, and the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
- Ensuring acquired or developed systems are consistent with the solution engineering and security architecture guidelines
If interested in applying for this position, please e-mail your CV/Resume directly to [Click Here to Email Your Resumé].
***Please include subject: "Candidate Submission: Application Security Lead"
Jefferson Frank is a leader in Niche IT Recruitment with a focus on AWS cloud technologies. We deal with AWS Partners & End Users throughout North America. We have open positions and relationships with some of the top partners and end users throughout the US and offer some excellent opportunities in the AWS space.
I understand the need for discretion and would welcome the opportunity to speak to any AWS candidates considering a new career or job either now or in the future. Confidentiality is of the utmost importance. For more information on available AWS jobs, as well as the AWS market, I can be contacted at [Click Here to Email Your Resumé].
Please see www.jeffersonfrank.com for more information.