Posted on
The Application and Systems Security Engineer is a multifaceted role that combines the strengths and responsibilities of an Application Security Engineer, a Systems Security Engineer, and an overall Penetration Tester and security vulnerability expert. The incumbent will work with Subject Mater Experts, developers and IT Security staff to continuously identify and mitigate security issues, as well as coordinate across teams to provide suitable evidence and documentation for security related activities. In the event of a cyberattack or other form of IT security related vulnerability identification, the Application and Systems Security Engineer will lead efforts to identify issues/breaches and bring the vulnerability to resolution.
The list of application and system technologies includes the following : Java/JEE, JavaScript, Groovy, PHP, Solr, ELK, Spring Framework, Weblogic, Oracle Database, MySQL, Matomo, Tomcat, JBoss, Jetty, Apache Web Server, Adobe lifecycle, Documentum, Drupal, Node.js and other open source framework.The system technology includes; Redhat Linux, Virtualization/container tools including VMware, ESXi Hypervisor, Vsphere Hardwar Load Balancer, iRules, networking, DNS, Zabbix, NFS, SSL, HTTPS, Active Directory, SFTP, SSH, SMTP Mail Relay, WebDav Server, DDOS Mitigation, CloudFlare.
Skills Required:
•Relevant experience with technologies referenced in the duties section.
•5 years' experience as an Information Systems Security Engineering Professional (CISSP-ISSEP)
•Experience and training in maintaining ISO 27001 certification.
•Experience leading application and system security initiatives and providing technical expertise in designing secure public-facing and internal-facing services and APIs.
•Experience in design and automate penetration testing across environments to identify and resolve vulnerabilities.
•Experience in analyze security risks and provide mitigation activities and security controls to resolve any identified security risks across systems, applications, and environments.
•Experience with toolsets, such as but not limited to: nikto, Wireshark, Metasploit, Burp Suite
•Experience with waterfall and agile (Scrum & Kanban) SDLC
•Experiencing authoring, editing, and maintaining design documentation, standard operating procedures, and system configuration documentation.
•Knowledge of Java EE configurations.
•Communicate fluently in the English language, in writing and orally.
•Experience with DevOps, test driven development, and test automation for all levels of the test
Education:
BS/BA in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline preferred.
Analogiks is Small, Women-Owned and Minority Company. SWaM Certified and has long been a key partner that has consistently met our clients needs in a timely manner. Here at Analogiks our team has remained the prime source for talent identification, attraction and acquisition needs of client companies. Analogiks not only provides staffing needs but we assist our clients in maintaining a Diverse Workplace by specializing in hiring Veterans, Women in Technology and other talented resources.