Web Application Security Engineer

St. Louis, MO

Compensation: $85k - $100k base salary

Relocation assistance available

Summary:

This person will work closely within a growing team of Security Engineers. The role would work with a heavy focal point on ensuring the application infrastructure is secure within the organization while be focused on technical initiatives. The family based culture of the organization provides a tremendous opportunity to grow from within as the security department grows.

Job description:

My client is looking for an Application Security Engineer to assist in ensuring that their application infrastructure is secure. The Application Security Engineer will have some background in Information Security; however, the main goal of this person is to ensure that our applications are secure so it is essential they have a solid development background. They will consider a development background and interest in breaking into security*

The ideal candidate will work within a team environment to maintain the security framework while in very complex and secured infrastructure. In addition, the candidate must be knowledgeable about threats, vulnerabilities and remediation. The individual should be highly motivated; results oriented; have excellent communication and presentation skills and needs to be a strong team player.

Responsibilities:

Design, implement, and maintain security focused infrastructure.

Help define overall information security strategies and procedures.

Perform White-Box and Black-Box Web Application Security Assessments on all applications.

Develop secure coding policies and practices

Develop security focused application architecture

Review application source code and database SQL and stored procedure code for potential vulnerabilities and exploits.

Perform User Access assessments and provide new processes and control matrices for user access control.

Manage segregation of duties for all applications by performing audits and assessments.

Assist other members in the Information Security department by providing backup of technologies.

Evaluate new and emerging products and technologies.

Assist with Security Awareness and Training.

Develop and enforce security policies, standards, procedures and guidelines.

Train the information system department on security issues.

Assist in the Incident Handling and Response.

Requirements:

Minimum of 2 years in information security or minimum of 5 years in information Systems

Minimum of 2 years in application development in C/C , .Net, Java, or J2EE.

Knowledge of Perl, Shell programming and Windows Batch file

Web technology knowledge (HTTP, HTML, SQL, CSS, JavaScript)

Knowledge of the detection, exploit and prevention of software vulnerabilities (i.e., SQL Injection, XSS, buffer overflows)

Knowledge and experience in secure application design and implementation, specially pertaining to networked and web-based applications

Contact information:

Please submit your information through the SUBMIT RESUME function and send an email with your resume in Word format and a note describing your background to John@altaassociates.com (unless you are already working with another Alta recruiter).