Desired Skills and Experience
- Working knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, etc.) and programming patterns that lead to them, as well as remediation techniques
- Experience with software security testing (static and dynamic analysis)
- Experience with enterprise applications (architecture, development, support, and troubleshooting)
- Working knowledge of authentication and identity management technologies
- Working knowledge of cryptography, including encryption and hashing, to include proper application to real-world situations.
- Strong interpersonal and communication skills; ability to work in a team environment
- Ability to work independently with minimal direction; self-starter/self-motivated
- Technical writing experience
- Java EE software development experience preferred
- Penetration testing experience preferred
- HP Fortify (source code analysis) experience preferred
- IBM AppScan (dynamic application security testing) experience preferred
- Experience working with JIRA
- Familiarity with high level programming languages (i.e. Java, C#, Python, etc.)
- Basic database programming (SQL, etc) experience preferred
- Development/testing/security experience with mobile platforms (iOS, Android) preferred
- Working knowledge of SSL/TLS protocols and certificate-based solutions preferred