It’s raining opportunity in Portland
The tech industry in Portland market is characterized by many small, highly nimble firms at the leading edge of innovation—and a booming job market. Come grow with us in Portland: check out our Portland IT jobs.
As a Senior Security Engineer your role on the team will be focused on the automation and integration of security vulnerability assessment systems to drive accountability & visibility of our client's high risk findings. Sources of data will be from network vulnerability, dynamic web application, static code analysis and mobile application security tool suites. You will work with technical and business teams to understand customer use cases for remediation of the vulnerabilities and provide solutions to create self-service visibility into security findings for mitigation. You will also drive to improve application security practices, interact with development teams and focus on improving overall application quality.
• Developing automation script/tools to scale out the vulnerability management team’s work across the organization
• Subject Matter Expert for deployment & management of various security vulnerability assessment tools.
• Develop custom platform integrations, data correlation and processing strategies to reduce false positives and align data against our client's remediation policies
• Educate Engineers, developers and Product teams on the importance of Application Security, along with the services ability to assist them to be successful
• Assisting developer community to effectively utilize the tools and remediate findings identified
• Assist with maintaining pipeline integration of security tools into various development SDLCs
• Continually evaluate the current Application Security Program; work with the team to grow the program and develop future roadmap
• Communicate complex technical issues simply to different audiences
• Ability to quickly learn new Information Security concepts and adapt to a fast-paced, ever changing organization
• Working cross functionally with multiple teams on establishing new processes and improving existing security across the platform
What We're Looking For:
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who has in-depth experience and clearly demonstrates these skills:
• BS or MS degree preferred in computer science, information assurance
• Software development background and strong knowledge of software development lifecycles
• Experience in Application Security, Applied Cryptographic Protocols and administering web-based applications and servers
• Experience with security toolsets such as network vulnerability scanners (Nessus, Nexpose, Qualys), Dynamic Web application Scanners (WebInspect, AppSpider, Whitehat, Veracode), Static Code Analysis (Fortify, Veracode) and component lifecycle management tools (Sonotype, Blackduck)
• Ability to develop and communicate recommendations to management
• Ability to translate technical security vulnerabilities into business risk
• Strong problem-solving and conceptual thinking abilities
• Strong ability to reverse engineer tools, exploits and open source applications and ability to develop them
• Experience looking for application security vulnerabilities such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
• In-depth familiarity with Windows and Unix Operating Systems
Apply for Vulnerability Automation Engineer (8228300)
Fill out the form below to submit your information for this opportunity. Please upload your resume as a doc, pdf, rtf or txt file. Your information will be processed as soon as possible.
Return to IT Job Search