SterlingVARecruiter Since 2001
the smart solution for Sterling jobs

Application Security Engineer III (NP)

Company: Cofense
Location: Leesburg
Posted on: September 12, 2019

Job Description:

Reporting to the Senior Director - Software Engineering, the Application Security Engineer III, NP is responsible for assisting the Development, Production Engineering, and Security Operations teams with application-level security assessment and threat mitigation.

Essential Duties/Responsibilities

* Actively participate in the development of software as a member of a Scrum team

* Participate in the review of the merge requests from Development and Production Engineering teams to proactively address security concerns before changes are merged to master

* Actively participate in our agile life-cycle, including planning, grooming, daily stand-ups and retrospectives.

* Use static code analysis tools to harden the software.

* Develop and evangelize secure programming standards

* Perform security reviews of software designs, assisting others to ensure quality and robustness of our products.

* Perform security focused design reviews considering elements such as: protocols, encryption, data storage, and business logic

* Validate, address, and document responses to security findings from third-party penetration testing engagements

* Other duties as assigned

The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.

Knowledge, Skills and Abilities Required

* Passionate about application security and development

* A self-starter who can identify work that needs to be done without waiting for direction

* Comfortable mentoring engineers that are globally distributed.

* Understand OS concepts such as scheduling, interrupt handling, virtualization of computing resources.

* Able to demonstrate an understanding of JAVA programming skills and are comfortable learning new languages.

* Comfortable working independently but able to escalate problems when necessary

* Demonstrate strong oral and written communication skills

* Willing to mentor and guide fellow team members kindly and constructively

* Enjoy sharing knowledge via documentation

* Happy to travel occasionally for team meetings and events

* Able to write PoC code and documentation that clearly demonstrate vulnerabilities

* Proficient with (or able to quickly learn) automation tools such as Selenium

* Able to find solutions to challenging technical puzzles with atypical constraints

* Able to effectively use git and understand common SCM workflows

* Able to write code that is intentional and readable, rather than magically obscure

* Enjoy tinkering

* Ability to list and demonstrate examples of the OWASP Top 10 preferred

* Familiarity with TDD/BDD preferred

* Working knowledge of AWS or other cloud computing platforms preferred

* Familiarity with proxies, firewalls, mail infrastructure, and other solutions commonly seen in large enterprises preferred

Education and/or Experience:

* Bachelor's degree preferred.

* Previous professional, full-stack app-dev experience preferred

* Have used static analysis security audit tools preferred

* Experience using CI environments (Jenkins/Docker) preferred

* Experience performing threat modeling

* Experience with secure code quality practices and tooling to support quick engagements and rapid analysis - static analysis tools (Coverity, Checkmarx, or similar), dynamic scanning (Rapid 7, AppSider, or similar), Fuzzing (AFL, Peach, or similar) and code coverage (Bullseye, LDRA, etc) preferred

* Experience with security incident response activities

* Experience penetration testing and the usage of web proxies for manual vulnerability assessment

* Customer support experience (retail, help desk, consulting, etc.) preferred

Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor s legal duty to furnish information.

Keywords: Cofense, Sterling , Application Security Engineer III (NP), Engineering , Leesburg, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Engineering Jobs

Principal/Sr. Principal Engineer Supplier Quality (Security Clearance required)
Description: Northrop Grumman Mission Systems sector is seeking an experienced Supplier Quality Engineerwith a focus in RF/ Electrical to join our team of qualified, diverse individuals in Baltimore, Maryland. Travel (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Engineering Technician C (Security Clearance required)
Description: Northrop Grumman is seeking an Engineering Technician C to join itsEngineering Sciences Supportteam. This position is located in Linthicum, MD. The Engineering Technician C will construct, test and troubleshoot (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Technical Writer 2 (ID) INTEL (Security Clearance required)
Description: Position Description Responsible for the preparation, review, revision, and maintenance of technical documents including software and systems engineering system operations, testing, and user documentation. (more...)
Company: Serco, Inc.
Location: Columbia
Posted on: 09/19/2019

Test Design Engineering Project Manager - Principal / Sr. Principal (Security Clearance required)
Description: The Test Design Engineering TDE organization at Northrop Grumman is responsible for designing, producing, and automating a broad range of advanced test capabilities to support Northrop Grumman's unique (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Technical Writer Editor XML(15535) (Security Clearance required)
Description: Job Title:-- XML Technical Writer/ Editor ID 15535 Location: --Surface Forces Logistics Center, Curtis Bay, MD Cherokee Nation Strategic Programs CNSP is a versatile, tribally owned 8 a , SDB providing (more...)
Company: Cherokee Nation Businesses
Location: Baltimore
Posted on: 09/19/2019

Principal/Sr. Principal Engineer Quality (Security Clearance required)
Description: Northrop Grumman Mission Systems Sector is seeking a Program Quality Engineer to be located at our Linthicum, MD location. Travel 25 . Put your years of experience into a future of excellence... The qualified (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Digital Test Lead - Staff Engineer (Security Clearance required)
Description: At Northrop Grumman, our employees have made significant historical contributions and are shaping the future. We are looking for people who have bold new ideas, courage and a pioneering spirit to join (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Subsystems Controls Engineer - Principal (Security Clearance required)
Description: Northrop Grumman Missions Systems is seeking an experienced Subsystems ControlEngineer with relevant background and experience in Subsystem control architecture, design, development, and integration/test (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Engineer Quality/Principal Engineer Quality (Security Clearance required)
Description: Northrop Grumman is seeking a Supplier Quality Engineer to become part of Northrop Grumman's Mission Assurance organization as part of the Supplier Quality East Coast Field Operations team. This position (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Manager Digital Engineer 3 (Security Clearance required)
Description: Northrop Grumman Mission Systems NGMS seeks to fill a Manager Level 3Digital Engineering position in The Engineering, Sciences Technology ES T function.The Digital FPGA Design Manager of Manager (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 09/19/2019

Log In or Create An Account

Get the latest Virginia jobs by following @recnetVA on Twitter!

Sterling RSS job feeds