Web Application Security Consultant, Aspect Security, Inc

Title: Web Application Security Consultant

Location: Columbia, MD

Company: Aspect Security, Inc.

Link to Apply: https://www.aspectsecurity.com/about/careers/

Description: Aspect Security, a leading provider of application security services, is seeking individuals who want to join a highly skilled team dedicated to helping clients improve their application security posture. As an Application Security Engineer you will primarily be responsible for working with a team to execute planned client projects and may be called upon to support internal projects and pre-sales efforts. An Application Security Engineer possesses solid consulting and technical skills. Candidates must be willing to travel.

Key Tasks:

•	Work with development teams to carry out Application Security Reviews; Performs threat modeling, vulnerability analysis, penetration testing, code reviews, and SDLC support.

•	Provide consultancy to customers on risk assessment, threat modeling and vulnerability remediation.

•	Design, implement, and support security-focused tools and services.

•	Evangelize security and be an advocate for a positive approach to application security.

•	Write technical reports based on findings.

Qualifications:

Technical Skills

o	Demonstrated proficiency with development frameworks and languages (Java, C/C++, .NET, C#).

o	Experience writing secure code.

o	Experience working with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role).

o	Familiarity with common application security tools, experience working with common tools is ideal. (Fortify, AppScan, WebInspect etc.)

Consulting Skills

o	Identify and communicate risks to team lead(s) and project manager.

o	Strong written and verbal communication.

o	Comfort level in customer facing situations.

o	Critical thinking and problem solving.

Education and Experience

o	BS in Computer Science or equivalent required, MS preferred.

o	2-3 years programming experience.

o	Knowledge of or exposure to secure development practices and techniques including OWASP Top Ten with a strong desire to learn more.