Web Application Security Engineer
About this role
Company Description
Retail / Wholesale - Corporate
Job Description
Web Application Security Engineer
Visa candidates are welcome to apply
Shopping has changed more in the past five years than in the past five decades, and going forward, retailing will require investing more in people and technology. With the rapid changes in retail, it is critical that technology be a strategic enabler for our company to accelerate delivery, be adaptive to market changes, and effective in rapidly delivering solutions to meet the needs of our customers. The Web Application Security Engineer works as a member of the Information Security team.
Primary Responsibilities:
ā¢ Performs static/dynamic code testing, manual code inspection, threat modeling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
ā¢ Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
ā¢ Serves as a Subject Matter Expert (SME) in web application security for enterprise projects during development phases to provide Information Security consulting and recommendations, ensuring the implementation of approved security requirements.
ā¢ Develops and implement manual and automated web application security testing of e-commerce web applications to enforce security standards.
ā¢ Works with security product vendors and service providers to evaluate security offerings, including product evaluations, proof of concept and pilot installations
Qualifications:
ā¢ Bachelor's degree in Computer Science, Software Engineering or related field or equivalent combination of education and experience
ā¢ 5-7 years of experience in performing penetration testing, secure code review, static, dynamic and manual source code review.
ā¢ Experience in identifying and remediating common web application vulnerabilities such as OWASP Top 10.
ā¢ Experience in use of various commercial and open source penetration testing tools and methodologies and performing penetration testing of web applications and operating systems.
ā¢ Familiarity with APT attack and kill chains.
ā¢ Experience with various code repositories including GitHub and Apache Subversion (SVN)
ā¢ Experience with continuous integration servers such as Jenkins and ElectricCommander
5+ to 7 years experience
SCREENING QUESTIONS
Do you have experience performing penetration testing?
Do you have experience identifying vulnerabilities within a web application?
Are you ok working in SF or Pleasanton?
Do you have examples consulting enterprise level development projects?
Are you ok taking a 75 question assessment?
Qualifications
Additional Information
All your information will be kept confidential according to EEO guidelines.
Frequently Asked Questions
Is the salary disclosed for the Web Application Security Engineer position at dstaff?
Where is the Web Application Security Engineer position at dstaff located?
Is the Web Application Security Engineer role at dstaff full-time or part-time?
How do I apply for the Web Application Security Engineer position at dstaff?
When was the Web Application Security Engineer job at dstaff posted?
You'll be redirected to dstaff's official application page on SmartRecruiters.