Desired Skills and Experience

  • Working knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, etc.) and programming patterns that lead to them, as well as remediation techniques
  • Experience with software security testing (static and dynamic analysis)
  • Experience with enterprise applications (architecture, development, support, and troubleshooting)
  • Working knowledge of authentication and identity management technologies
  • Working knowledge of cryptography, including encryption and hashing, to include proper application to real-world situations.
  • Strong interpersonal and communication skills; ability to work in a team environment
  • Ability to work independently with minimal direction; self-starter/self-motivated
  • Technical writing experience
  • Java EE software development experience preferred
  • Penetration testing experience preferred
  • HP Fortify (source code analysis) experience preferred
  • IBM AppScan (dynamic application security testing) experience preferred
  • Experience working with JIRA
  • Familiarity with high level programming languages (i.e. Java, C#, Python, etc.)
  • Basic database programming  (SQL, etc) experience preferred
  • Development/testing/security experience with mobile platforms (iOS, Android) preferred
  • Working knowledge of SSL/TLS protocols and certificate-based solutions preferred