Previous Job
Previous
Sr. Application Security/Cyber Security Engineer-Henderson NV
Ref No.: 18-03211
Location: Henderson, Nevada
Title : Sr. Application Security/Cyber Security Engineer
Location : Henderson NV
Duration : Contract (6+ months)
Rate : DOE

US Citizen, Green Card, TN, GC EAD and H4 EAD only No Third-party agencies corp to corp.


Job Description:
  • Develop approaches to address the implementation of software and OT security solutions
  • Consult development teams on security requirements and utilize common components to meet them and documenting of a secure software development lifecycle
  • Be able to scope and participate in hardware and software penetration tests, vulnerability identification, and vulnerability risk assessment
  • Create and track meaningful metrics around product cyber-risk and compensating controls
  • Create vulnerability and incident trend analysis to improve product design
  • Perform end-to-end application security reviews to ensure data, system components, and communication channels are appropriately protected
  • Maintain cyber service catalog and conduct proactive vulnerability monitoring and assessment on cyber components
  • Engage and administer End-of-Life processes for digital products
  • Engage in application and domain-specific threat modeling and attack surface analysis/reduction
  • Help prepare reports at appropriate levels of confidentiality for stakeholders to view
  • Provides guidance on automated testing tools and techniques
  • Maintain documentation of design patterns/recipes for common security requirements
  • Architect, design, implement, support, and evaluate security focused tools
  • Perform other security functions or tasks as directed.
Qualifications:
  • Experience with secure coding principles; code signing and secure boot
  • Experience with penetration testing and ethical hacking
  • Practical implementation and architectural experience in encryption techniques, including data at rest and in transit
  • Proficiency in creating dataflow diagrams, network diagrams, and other application related design documents
  • Proven experience in security code review and code analysis
  • Must be fully proficient in, and able to instruct others, on the OWASP Top 10
  • Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Experience in securing cloud infrastructure such as AWS, Azure and alike (i.e., inspection, logging, WAF, VM)
  • Minimum of 1 year of experience with secure development life-cycles