We are looking for a Security Engineer, to support an enterprise application and conduct security assessments, identify vulnerabilities, prioritize threats mitigation and remediations. You will also work very closely with the software developers and testers to recommend secure design. Additionally you will:
- Conducting security assessments of applications using industry-standard tools and techniques to identify vulnerabilities.
- Analyze source code for security vulnerabilities.
- Provide vulnerability assessment and penetration test reports to key stakeholders.
- Producing reports to demonstrate assessment coverage and remediation effectiveness, and working with the product engineers and software teams to ensure corrective actions are implemented
To be successful as a Security Engineer you will need:
- 2 year of experience performing penetration testing
- Experience in identifying weaknesses in Web applications and supporting infrastructure, including servers, databases, networks, etc.
- Experience performing code reviews.
- Experience with security testing environments and tools, such as Nessus, Acunetix, and Burp Suite Pro
- An understanding of vulnerabilities and attack methods, such as remote code execution, privilege escalation, injection, spoofing and tampering, same-domain policy, sandboxing, XSS, and CSRF and other common vulnerabilities, how to test for and identify them, and how to remediate them.
- Knowledge of secure coding best practices.
Minimum Education and Experience for the Security Engineer:
- Bachelor’s Degree in Computer Science, related area or equivalent related work experience
- CISSP, Certified Ethical Hacker, or similar certifications
- 2+ years of experience in cybersecurity, ethical hacking, vulnerability identification and management, secure design practices
- Local candidates only.