Search for More Jobs
Forward job to a friend
Apply without Registering
Apply by creating/using an account
Location : Triangle Park, NC
Duration : 12 +Months
Enjoy challenges? Big challenges? Come work for the office of the Chief Information Security Officer and help meet the global challenges of keeping one of the largest companies in the world secure. We're looking for enthusiastic and innovative team members to join us in several application and developer-centric security roles at our location in Research Triangle Park, NC.
This squad is responsible for piloting, deploying, integrating, operating and supporting developer-centric security services provided to internal development teams.
This application security consultant role includes all aspects of the squad mission but primarily has three main focus areas.
First, this role will actively contribute to the development of the secure engineering methodology and practices. Examining current practices and tools, determining gaps, making recommendations and appropriate updates.
Second, this includes a hands-on, technical role. This role will assist with work including setting up and piloting new security technologies and products, deploying these services to production and integrating these services.
Finally, this role will also assist in solving application security related service escalations and providing application security consulting services to the squad and other internal teams.
Essential Job Duties:
- Focus on application security and secure engineering capabilities, tools and processes
- Provide application security consulting to the squad and internal development teams on topics such as integration, remediation, testing, etc.
- Contribute to the day-to-day development, implementation, monitoring and operational support of managed solutions and service provider relationships.
- Engage in information security projects that evaluate existing security services and propose modifications and additional services and capabilities to meet any gaps identified.
- Resolve or escalate issues impacting security services and service adoption
- Proactively identify areas for improvement and develop plans to address
- Assist in the creation of metrics for measuring service success and business value
- Perform other duties as assigned.
- 5+ years of security experience with particular focus on application security, web application security and secure engineering. Areas such as OWASP Top 10, CWE/SANS Top 25, NIST, CERT, secure SDLC, threat modeling, etc.
- 5+ years of experience with Internet and web technologies and associated security technology. Areas such as HTTP, TLS, DNS, REST, TCP/IP, WAF, SAST, DAST, etc.
- 3+ years Linux/UNIX experience
- 3+ years development or scripting experience
- 2+ years of experience with cloud computing technologies, including software, infrastructure and platform-as-a-service, containers and serverless
- Familiar with NoSQL and relational databases
- Familiar with SCM tools (git), CI/CD tools (Travis, Jenkins, etc.), CM tools (Puppet, Chef, etc.), testing tools and similar
- Experience working on Agile teams
- Working knowledge of Linux, UNIX and Windows or OSX.
- Prefer certifications such as CISSP, CSSLP or similar.
- Ability to speak and write well.
- Track record of acting with integrity, taking pride in work, seeking to excel, self-motivation, being curious and adaptable, mentorship and communicating effectively.
- Bachelor's degree in computer science, information assurance, MIS or related field,
Apply by creating/using an account