Application Security Engineer

Alpharetta, GA

This is a permanent position and our client is open to sponsoring visas. They will also provide relocation assistance.

• Building an annual penetration testing plan for the applications.
• Scoping each penetration test with the relevant business owners – product management and engineering leaders.
• Executing penetration tests on the applications developed by the company. The penetration tests must always include application-level penetration testing, but may also include operating system hardening verification (e.g. a self-checkout must be hardened as a kiosk workstation).
• Performing proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
• Researching new attack vectors in the retail, hospitality and financial industries and in the application security field in general.
• Bachelor’s Degree in Computer Science or related field. Equivalent work experience will be considered.
• 3-7 years of hands-on penetration testing experience.
• 2-3 years of software development lifecycle background.
• Security certifications are desirable, e.g. CISSP, CEH or OSCP.
• PCI and PA-DSS certification experience is a plus.
• Experience with retail and financial payment transaction processing software vulnerabilities and authentication testing is an advantage.
• Experience with e-commerce payments integration and security issues is an advantage.
• Soft skills – effective communication (internal, customers), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.).
• Active participation in cybersecurity forums/conventions, e.g. DEFCON, Black Hat. Public speaking is a plus.

