Application Security Engineer - Chesterfield, United States - NetEffects

Description

12-18 month contract position with Benefits
Can be Fully REMOTE

Rate:
$70-75/hr. W2 with benefits/PTO

Application Security Engineer with SOC 2 Compliance experience

The position is targeted for someone with around 5 years or more of experience in application security


Areas of focus:
Attestation with SaaS or OTS

applications

in which the person will review the product documentation in regard to their security posture (SOC 2) and analyze if their controls are acceptable to Company standards

(Experience in SOC 2 compliance and in interpreting vendor SOC 2 information)
Aide teams in fixing vulnerabilities
Update the dashboard with current status of each teams' platforms against security controls

Requirements

4+ years' experience in information systems security. with a focus on Application Security
Knowledge of


OWASP
Top Ten application security assessments and code reviews
Knowledge of security testing tools such as Burp Suite or Zed Attack Proxy.
Working knowledge of

SAML, OAuth, Kerberos, Okta (or equivalent software) and secure software development lifecycle SSDLC methodology
Experience in

SOC 2 compliance and in interpreting vendor SOC 2 information.
Outstanding communication, analytical skills and ability to function in a globally

Preferred:

5+ years' experience in information systems security.
Experience in languages like JavaScript, Groovy, Python/Shell/AWK a plus.
Experience in GDPR compliance, NIST security controls
1 + years of experience with public and hybrid cloud environments.
The following certifications would be a plus: GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), GIAC Web Application Defender

#J-18808-Ljbffr