Job Description

Job Title: Application Security Consultant
Job Location: Texas

Responsibilities:

  • Auditing code, architecture, and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening
  • Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings
  • Provide SME support on secure code implementation, design and architecture
  • Threat-modeling and risk analysis
  • Training
  • Participate in providing annual OWASP and PCI training for developers
  • Helps maintain updated Secure Coding Best Practices
  • Common application level vulnerabilities
  • Risk Management
  • Findings/vulnerability prioritization
  • Mitigation strategy
  • Controls Evaluation – Review, validate, recommend and create standards
  • Review of open-source development libraries for security risks
  • Web application firewall (WAF) rule development and implementation
  • Security technologies review and recommendations

Required Qualifications:

  • Bachelors of Computer Science or similar
  • Six or more years of experience in applying Information Security best practices to Information Technology assets plus five or more years of experience with software development
  • Strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses, and vulnerability analysis
  • Experience security web and mobile applications, APIs, micro-services, containers, cloud, and cloud-hybrid architectures
  • Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews
  • Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them
  • Solid understanding of Information Security in general and the specific behaviors that would secure company information assets
  • Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand
  • Ability to effectively communicate with both non-technical and technical people
  • Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges
  • Ability to work well inside and outside the team

QBH#: 2091

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online