Cyber Security Engineer
Hybrid 3 days a week onsite About the Team:
The mission of the Enterprise Security Platform (ESP) team is to implement the Firm's Cybersecurity Strategy by architecting, engineering, deploying and operating technical security controls and capabilities for the Enterprise.
This is achieved by continued focus on architectural rigor, automation, Agile delivery and adoption of ESP's control implementations by our users and partners.
Our culture champions diversity, an inclusive environment for all, recognition and an opportunity to give back to our communities through various local charity partnerships What You'll Do - Collaborate with software development, system engineering and security architect peers to continually improve the security posture of applications and ensure the proper implementation of the security controls.
- Innovate new application security testing methods and support team effort to leverage tools and develop effective process to automate the security test cases.
- Serves as a Subject Matter Expert (SME) in web application security for organizational projects during the application development phase.
- Provide guidance, support, testing and recommendations to ensure secure application release.
Configure, run and monitor automated security testing tools - Perform manual validation of vulnerabilities Perform manual penetration testing of Web applications, Mobile applications, Thick clients and APIs - Thoroughly document exploit chain/proof of concept scenarios for internal client consumption These skills will help you succeed in this role:
- A degree or certificate in management information systems, cyber security, mathematics, computer science or related field or 7
years of relevant information security experience - Experience in security testing web applications, API and mobile platforms manually.
- Familiarity with vulnerability assessment, remediation and penetration testing best practices - Experience using Burp Suite and its extensions in penetration testing Development experience, working knowledge of Java.
- Excellent analytical and debugging skills.
Excellent communication skills Even Better If You Have - Have or desire to obtain one or more security-related certifications such as Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP) - Experience with Linux operating systems Experience with Mobile application programming - Experience with Web application technologies - Experience with Source code analysis software - Experience with Cloud Security (Azure/AWS Security Controls) - Experience with Scripting languages (preferably Python) Bachelor's degree preferred Recommended Skills Api Amazon Web Services Analytical Application Security Automation Business Informatics Estimated Salary: $20 to $28 per hour based on qualifications.
The mission of the Enterprise Security Platform (ESP) team is to implement the Firm's Cybersecurity Strategy by architecting, engineering, deploying and operating technical security controls and capabilities for the Enterprise.
This is achieved by continued focus on architectural rigor, automation, Agile delivery and adoption of ESP's control implementations by our users and partners.
Our culture champions diversity, an inclusive environment for all, recognition and an opportunity to give back to our communities through various local charity partnerships What You'll Do - Collaborate with software development, system engineering and security architect peers to continually improve the security posture of applications and ensure the proper implementation of the security controls.
- Innovate new application security testing methods and support team effort to leverage tools and develop effective process to automate the security test cases.
- Serves as a Subject Matter Expert (SME) in web application security for organizational projects during the application development phase.
- Provide guidance, support, testing and recommendations to ensure secure application release.
Configure, run and monitor automated security testing tools - Perform manual validation of vulnerabilities Perform manual penetration testing of Web applications, Mobile applications, Thick clients and APIs - Thoroughly document exploit chain/proof of concept scenarios for internal client consumption These skills will help you succeed in this role:
- A degree or certificate in management information systems, cyber security, mathematics, computer science or related field or 7
years of relevant information security experience - Experience in security testing web applications, API and mobile platforms manually.
- Familiarity with vulnerability assessment, remediation and penetration testing best practices - Experience using Burp Suite and its extensions in penetration testing Development experience, working knowledge of Java.
- Excellent analytical and debugging skills.
Excellent communication skills Even Better If You Have - Have or desire to obtain one or more security-related certifications such as Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP) - Experience with Linux operating systems Experience with Mobile application programming - Experience with Web application technologies - Experience with Source code analysis software - Experience with Cloud Security (Azure/AWS Security Controls) - Experience with Scripting languages (preferably Python) Bachelor's degree preferred Recommended Skills Api Amazon Web Services Analytical Application Security Automation Business Informatics Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
