One of world's leading financial services firms is seeking a Senior Application Security Engineer that is looking to have their hands on every stage of the SDLC, from initial design through to ongoing penetration testing. With a keen eye and a purse to attract the top-talent out there, this Senior Application Security Engineer will be joining a well-rounded team of rock stars with tremendous earning and growth potential in the long-term as well.
Core Responsibilities
- Perform web, binary, and network penetration testing on internal and external applications
- Communicate discovered issues, how to exploit them, and how to fix them for both technical and nontechnical audiences.
- Work with engineering teams in the design phase of new products and features.
- Participate in reactive incident response when security event is recognized
- Research new attack vectors and methodologies and reproduce, score, and further investigate reported issues.
- Develop techniques and frameworks that will enable engineering teams to find flaws pre-production
- You will architect and create frameworks that prevent current and future attack scenarios
- Be the go-to security authority and respond to internal security engineering inquiries
- Create and execute training exercises to advance developers' security knowledge
- You will research, architect, and execute solutions that will advance internal security monitoring & controls
Requirements
- 5+ years of experience performing penetration tests and code reviews.
- A broad range of security knowledge, with a keen eye in areas including, but not limited to; web applications, UNIX boxes, binaries, macOS, Windows, iOS, Android, cryptography
- Command of pentesting tools and how to use them to your advantage.
- Proficiency in one or more programming languages, with an ability to read and understand code written by others
- Have strong communication skills, both written and verbal: we have a lot of remote and asynchronous communication given our distributed teams and customers.