MASS CV
Post Job for Free
VACANCY
Log In / Sign Up
IT & Web & SQA

(Permanent Job) Java Application Security Engineer

(Permanent Job) Java Application Security Engineer Company Description null Job

2020
2019-08-12
Bey
Position: Application Security Engineer Salary: Unspecified Type: Full Time Location: San Francisco, CA
Company Description
null Job Description
This is a direct-client opening for an Application Security Engineer located in San Francisco, CA. This is a full-time position
Our client is looking for an Application Security Engineer who brings extensive experience with JAVA/J2EE Programming.
Looking for someone who can do Audit & Review code and provide recommendation on best practices related to
application security.
We are looking for someone who is proficient with one or more of the following tools: SD Elements, Checkmarx Static
Scanner, AquaSec Docker Container Scanner, Synopsis Seeker IAST OWASP Vulnerability Validation Suite, and Qualys
Vulnerability Scanner
Responsibilities:
This position is a Senior individual contributor role in our Application Security team. The team delivers application security
frameworks and general framework guidance for our company.
You will be developing security software for our Cloud, and providing the next generation of real time Application security
software to protect our site from attacks.
The position requires good understanding of architecture, design and coding in multiple application security platforms and
framework functions.
Successful candidates will be familiar with delivering application security solutions on platforms transitioning to host-
based security with Layer 7 encryptions from firewall based protections.
Lead cross functional teams to complete projects and major initiatives using judgment and growing experience.
Collaborate with Cloud, IT, Engineering, and Operations architects to understand the solution architecture and then fully
articulate the security design of the platform.
Conduct application development and deployment methodologies, processes, and testing automation. Develop policy and
operational processes to insure high availability and service of entire technology stack, from front-end web traffic to back-
end big-data infrastructure.
Help to design and build distributed systems and reliable, fault tolerant software.
Help to design and build HA production-grade solutions on virtualized and cloud based environments.
Work in a team environment.
Qualifications:
Master’s degree, or foreign equivalent, in Computer Science, Engineering or closely related quantitative discipline and
seven (7) years of large scale, full life cycle development experience (if Masters in Engineering) or 9 + years (if Bachelors
in Engineering), preferably 3+ years as a lead engineer.
3 + years in Java programming implementing large scale, high availability, fault-tolerant web infrastructure, with clear
concept of concurrency in Java, Java security APIs, features and performance
Excellent communication and interpersonal skills.
Ability to thrive in a high-pressured environment and crisis situations.
Ability to multi-task multiple projects at once and drive for results independently.
Special Skill Requirements:
Experience must include the following:
Java, Python, NodeJS, Spring, Apache, Tomcat, JSON, XML, and JBoss
Open Source PaaS frameworks such as Pivotal Cloud Foundry, Cloudify or OpenShift
GCP, AWS and Azure cloud services such as Openstack and KVM
Mobile and Native application development familiarity
React/CSS/HTML/JS development
VMWare, Hyper-V, Docker, Kubernetes
The application of threat modeling or other risk identification techniques
SD Elements, Checkmarx Static Scanner, AquaSec Docker Container Scanner, Synopsis Seeker IAST OWASP Vulnerability
Validation Suite, and Qualys Vulnerability Scanner
Deployment and Management, CI/CD integration, Jenkins, Concourse, and BOSH
Strong understanding of application security patterns including web application security (OWASP top 10, XSS, injection
vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, Mobile authentication and
key exchange) strategies.
Strong knowledge of industry trends in security technology
Expertise in developing and implementing one or more of the following: Identity and Access Management, SSO, SAML,
Open ID, OAuth2 or 2FA technologies.
Please complete the below skills-matrix and send back with your most updated resume
Full Name:
Total Experience as an Applications Security Engineer:
Total Experience with Java:
Total Experience with OpenSource PaaS frameworks:
Total Experience with Cloud Services such as Google Cloud, AWS or Azure;
Total Experience with 1 or more of the following (SD Elements, Checkmarx Static Scanner, AquaSec Docker Container
Scanner, Synopsis Seeker IAST OWASP Vulnerability Validation Suite, and Qualys Vulnerability Scanner):
Total Experience with Mobile Security:
Total Experience with Identity and Access Management, SSO, SAML, Open ID, etc:
Expected Salary:
What is the link to your Linkedin Profile?
What is the best phone number to reach you at?
Current City/State:
Availability:
Work Status (US Citizen, Green Card, etc.): Qualifications
null
Additional Information
All your information will be kept confidential according to EEO guidelines.
Apply

Back

#SanFrancisco#Application#Security#EngineerSan Angelo jobs
Facebook Twitter Linked
About Us Contact us Support
MASS CV open vacancies
Privacy Agreement Feedback

©2019 MASS CV All rights reserved