Application Security
Infojini Inc, Bethesda, MD, United States
Infojini Consulting is a full service IT consulting, services, and staffing firm with offices in Secaucus, NJ.
Infojini Consulting is recognized as one of the fastest growing IT services and software development companies. Through partnerships with all major technology vendors, Infojini Consulting has built a strong government and commercial customer base, including Fortune 100 companies and most state and federal agencies such as State of North Carolina, State of South Carolina, State of Maryland, State of California, State of Pennsylvania, State of Virginia, State of Washington and many others.
Infojini Consulting is an equal opportunity employer and considers all qualified individuals for employment irrespective of their race, gender, age, color, sexual orientation. We offer an excellent compensation package.
Job Description
We are hiring for an Application Security role in Bethesda, MD. This is a full-time position.
Job details are listed below:
Title: Application Security
Location: Bethesda, MD
Client: Direct Client
Duties
- Systematically address application security issues and develop secure coding practices for multiple development teams.
- Integrate application authentication, encryption, authorization, and access control.
- Provide mitigation strategies for applications from infrastructure, architecture, and secure coding perspectives.
- Utilize application security scanning tools such as IBM AppScan to interpret reports and validate identified vulnerabilities and associated risks.
- Utilize source code scanning tools such as Fortify or Checkmarx to help NLM application teams apply best practices for application security and catch potential vulnerabilities at an early stage.
- Proactively work with team members to address security and compliance issues.
- Provide education and assistance to application developers for applying Security Software Development Life Cycle.
- Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle.
Qualifications
Position Requirements
- A Bachelor’s degree in Computer Science OR related engineering field with training in software security.
- Strong software engineering background with extensive experience working in complex enterprise environments implementing software development lifecycles.
- Extensive experience in addressing web application security issues, such as those outlined in OWASP Top 10.
- Strong knowledge of application security throughout the software lifecycle.
- Experience developing secure coding practices with Java, ColdFusion, Python/Django, and PHP.
- Strong knowledge and experience in securing an application’s integration with relational database management systems such as Oracle.
- Experience using Tenable Security Center and validating identified vulnerabilities.
- Proven ability to ensure applications are secure throughout the software lifecycle.
- Ability to perform manual and automated testing to identify vulnerabilities (BurpSuite Pro, Fiddler, Netsparker, etc.).
- Knowledge of security in both Linux and Windows environments as it pertains to Web application hosting, middleware (Apache, Tomcat, PHP, ColdFusion, Ajax), and databases (Oracle, MySQL, MS SQL Servers).
- Demonstrated experience implementing application firewall rules (such as F5 ASM, iRules, and/or Apache ModSecurity) as compensating controls to protect Web applications.
- Software security certifications, such as Certified Secure Software Lifecycle Professional (CSSLP), are a big plus.
- Excellent communication skills including presentation and documentation.
- Strong capability in evaluating application security related products.
Additional Information
All your information will be kept confidential according to EEO guidelines.