Jobs
>
Tempe

    Applications Security Engineer - Tempe, United States - TEKsystems

    TEKsystems
    TEKsystems Tempe, United States

    3 weeks ago

    TEKsystems background
    Description

    Job Description

    Job Description

    Top Skills' Details

    1. 5+ years experience in Application security scanning and testing
    2. Previous full stack Java experience as well as CI/CD, Dev ops
    3. Hands on experience with Qualys

    Job Description

    The IT Security Threat Analyst independently develops, maintains, and implements comprehensive information security monitoring programs including defining security policies, processes and standards for large and complex environments. Perform comprehensive threat analysis and recommends appropriate course of action, mitigation, and remediation. Provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. Lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members. They are the single point of contact and coordination for third-party incident response teams and law enforcement agencies if the environment is breached.

    Essential Functions - The essential functions listed represent the major duties of this role, additional duties may be assigned.

    • Subject matter expert in the detection and identification of web application cyberattack signatures, tactics, techniques and procedures associated with advanced threats

    • Independently and proactively prepares detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders

    • Develops and maintains documentation for security evaluation procedures

    • Serve as a subject matter expert for team members, specializing in web application security monitoring and application analysis

    • Creates and leads initiatives to improve web application security evaluation processes

    • Leads improvements discussions with third-party vendor regarding security evaluations

    • Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security monitoring and application security program

    Required Work Experience:

    5+ years related work experience within IT Security
    Experience utilizing multiple web application scanning tools.
    Experience recommending web application security analysis tools.
    Experience working in Agile methodology environment.
    Experience working with REST services (prefer also SOAP experience).
    Experience with scripting (prefer also some application code development experience).

    Required Education:
    Related Bachelor's degree or additional related equivalent work experience IT related field
    Additional Required Qualifications:
    Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in web application security evaluation.
    Experience working and managing vendor performance and service level agreements
    Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
    Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
    Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
    Ability to manage tasks independently and take ownership of responsibilities
    Ability to learn from mistakes and apply constructive feedback to improve performance
    Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
    Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
    Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks

    Top Skills' Details
    1. Background as a full stack Java developer with scripting experience like Bash or Python
    2. Experience with security testing (SAST, DAST, RASP etc.)
    3. Understanding of OWASP Top 10, software security, secure coding, vulnerability management.
    4. Knowledge of Cloud Infrastructure and Dev Ops methodologies: Containers (Docker), Kubernetes, micro-services
    Secondary Skills - Nice to Haves
    Job Description
    The Application Vulnerability Management team is responsible for discovering technical vulnerabilities within in-house developed applications. This includes the actual code developed by analysts, dependencies such as open source libraries and container technology. The team analyzes in-house developed applications for known vulnerabilities (e.g., CVE-based vulnerabilities, CWE-based vulnerabilities and OWASP Top 10 vulnerabilities, pripritizes them, and works with the appropriate asset owner to determine if remediation, mitigation or risk acceptance is required and complies with appropriate timelines. Vulnerability tracking and metrics reporting is also part of the teams output.

    Responsibilities
    - Discover technical vulnerabilities in Production in code, dependencies and container technology.
    - Support the development lifecycle of in-house developed applications to allow development teams to identify vulnerabilities during the build lifecycle
    - Develop and use scoring models to score vulnerabilities.
    - Provide regular statuses on current work
    - Be willing to take on special assignments that may require additional learning

    Skills and Knowledge - Web application attacks and trends - Basic operational knowledge of: HTTP/S, XML, HTML, JavaScript, AJAX (Web Web Infrastructure Security (e.g., NGINX, Tomcat, IIS, etc.) - Authentication and Session management - Exploits (e.g., CSRF, XSS, HTTP Response Splitting, Injection attacks, XML External Entities, etc.) - Remediation (e.g., Escaping, Encoding, Input/Output Validation, Parameterized Queries, etc.) - Mitigation (e.g., WAF, IPS, XML Gateway/Firewall, etc.) - Scripting/automation skills (e.g., Python, JavaScript, Powershell, etc.)

    Additional Skills & Qualifications

    Excellent documentation skills to accurately complete reports and documentation
    - Strong verbal and written communication skills
    - Team player, self starter, able to get up to speed to contribute quickly

  • TEKsystems

    Security Engineer

    4 weeks ago

    TEKsystems Tempe, United States

    Job Description · Job DescriptionJob Title · Cybersecurity engineer · Top Skills' Details · 1. 2+ years experience with SIEM ( deploying, configuration, query languages) · 2. Experience with linux virtual machines and Windows administration · 3. 2+ years experience with Python sc ...

  • Phoenix Staff Inc

    Senior Security Engineer

    3 weeks ago

    Phoenix Staff Inc Tempe, United States

    Job Description · Job DescriptionTitle: Senior Security Engineer · Location: Tempe, AZ (Hybrid 3 days per week onsite) · Type: Contract · Our client is looking for a Senior Security Engineer to join their team in Tempe, AZ. · Responsibilities: · Security Operations: Monitor and a ...

  • ACHIEVE

    Director, Security Engineering

    2 weeks ago

    ACHIEVE Tempe, United States

    Director, Security Engineering & Operations · Full-time · work location: Remote · Achieve is a leading digital personal finance company. We help everyday people move from struggling to thriving by providing innovative, personalized financial solutions. By leveraging proprietary ...

  • Gen

    Senior Manager, Security Engineering

    2 weeks ago

    Gen Tempe, United States Full time

    About Gen: · Gen is a global company powering Digital Freedom through consumer brands including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner. Our combined heritage is rooted in providing safety for the first digital generations. We bring leading technolo ...

  • Achieve

    Director, Security Engineering

    3 weeks ago

    Achieve Tempe, United States

    Job Description · Job DescriptionCompany Description · Achieve is a leading digital personal finance company. We help everyday people move from struggling to thriving by providing innovative, personalized financial solutions. By leveraging proprietary data and analytics, our solu ...

  • Phoenix Staff Inc

    Senior security engineer

    3 weeks ago

    Phoenix Staff Inc Tempe, United States

    Title: Senior Security Engineer · Location: Tempe, AZ (Hybrid 3 days per week onsite) · Type: Contract · Our client is looking for a Senior Security Engineer to join their team in Tempe, AZ. · Responsibilities: · Security Operations: Monitor and analyze security alerts and incide ...

  • Northern Trust Corporation

    Sr Manager, Cyber Security Engineering

    2 weeks ago

    Northern Trust Corporation Tempe, United States Full time

    About Northern Trust: · Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. · Northern Trust is proud to provide innovative financial services and guidance to the world's most succ ...

  • Sentinel Technologies

    Network Security Engineer, Senior

    1 day ago

    Sentinel Technologies Tempe, United States

    Sentinel is seeking a Senior Network Security Engineer for our deployment team. This individual will be standing up and deploying secure network solutions for mid to enterprise-level client environments. You should have a strong technical background, Security Engineer, Network Se ...

  • Imagine Learning

    Senior Software Security Engineer

    2 weeks ago

    Imagine Learning Tempe, United States

    Senior Software Security Engineer · Engineering, Tech, and ITRemote, Tempe, AZ · Apply · Description · Position at Imagine Learning · Great Purpose. Great People. Great Opportunities. · At Imagine Learning we empower potential by creating educational solutions that inspire ...

  • Sentinel Offender Services

    Network Security Engineer, Senior

    4 days ago

    Sentinel Offender Services Tempe, United States

    Responsibilities · Sentinel is seeking a Senior Network Security Engineer for our deployment team. This individual will be standing up and deploying secure network solutions for mid to enterprise-level client environments. You should have a strong technical background, structure ...

  • WELLS FARGO BANK

    Ping Directory Lead Information Security Engineer

    2 weeks ago

    WELLS FARGO BANK Tempe, United States Full time

    About this role: · Wells Fargo is seeking a Lead Information Security Engineer that has experience with directory server solutions to join our dynamic team. This team member's responsibilities are to provide technical leadership in designing authentication solution and managing t ...

  • LINKIT Enterpise BV

    Security Engineer

    3 weeks ago

    LINKIT Enterpise BV Phoenix, United States

    Op zoek naar een Security engineer met AZ-500 certificaat · Opdrachtomschrijving: · We zijn op zoek naar een deskundige en gedreven SecOps Engineer om ons Azure Cloud Center of Excellence-team te versterken. Dit team is toegewijd aan het versterken en optimaliseren van de beveil ...

  • Virtual

    IT Security Engineer

    4 days ago

    Virtual Scottsdale, United States

    Vaco is on the market with a local client to hire two IT Security Engineers. In this role, you will represent security and mitigate risks throughout the company to improve and mature our security posture. You will bring a well-rounded background in IT and a working knowledge of s ...

  • Vaco

    IT Security Engineer

    4 days ago

    Vaco Scottsdale, United States

    Vaco is on the market with a local client to hire two IT Security Engineers. In this role, you will represent security and mitigate risks throughout the company to improve and mature our security posture. You will bring a well-rounded background in IT and a working knowledge of s ...

  • Cloud Analytics Technologies LLC

    Security Engineer

    13 hours ago

    Cloud Analytics Technologies LLC Scottsdale, United States

    Work Authorization: · US Citizen, Green Card, H-1B, GC-EAD, OPT-EAD, L2-EAD, TN Visa · US citizens (USC) and Permanent Residents (GC) are encouraged to apply. We are unable to offer any sort of Visa sponsorship for this position. · Local Candidates Preferred. Non-local candidate ...

  • Northern Trust

    Sr Manager, Cyber Security Engineering

    4 days ago

    Northern Trust Tempe, United States

    About Northern Trust: · Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. · Northern Trust is proud to provide innovative financial services and guidance to the worlds most succ ...

  • Early Warning

    Security Engineer III

    2 weeks ago

    Early Warning Scottsdale, United States Full time

    At Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, PazeSM, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and pr ...

  • GeoLogics Corporation

    Cyber Security Engineer

    4 weeks ago

    GeoLogics Corporation Scottsdale, United States Contract

    Senior Cybersecurity/Information Assurance EngineerScottsdale, AZActive Clearance Required: Top Secret/SCI with CI PolygraphRate: $60 to $68 an hour with partial benefits · Have you worked with RMF Assessments for a Closed, Intel Defense Program? Do you have a current 8570 Certif ...

  • Contract Professionals, Inc.

    Cyber Security Engineer

    1 week ago

    Contract Professionals, Inc. Scottsdale, United States

    Systems Cybersecurity Engineer · Location: Scottsdale, AZ · Work Arrangement: Fully On-Site · Salary: Pay according to experience · Position Objectives: · As a Cybersecurity/Information Assurance Engineer for Cyber Systems, you will be part of a cross-functional team responsible ...

  • Phoenix Staff, Inc.

    Senior Security Engineer

    3 weeks ago

    Phoenix Staff, Inc. Tempe, United States

    Title: Senior Security Engineer · Location: Tempe, AZ (Hybrid 3 days per week onsite) · Type: Contract · Our client is looking for a Senior Security Engineer to join their team in Tempe, AZ. · Responsibilities: · Security Operations: Monitor and analyze security alerts and incid ...