Experienced Web Application Security Consultant, Aspect Security, Inc

Title: Experienced Web Application Security Consultant

Location: New York, NY

Company: Aspect Security, Inc.

Link to Apply: https://www.aspectsecurity.com/about/careers/

Description: Aspect Security, a leading provider of application security services, is seeking individuals who want to join a highly skilled team dedicated to helping clients improve their application security posture. As an Experienced Application Security Engineer you will primarily be responsible for the execution of planned client projects and may be called upon to support internal projects, pre-sales efforts, facilitate external training courses, and mentor employees. Eligible candidates are those living within a commutable distance to downtown New York or who are willing to relocate.

Key Tasks

•	Work with development teams to carry out Application Security Reviews; Performs threat modeling, vulnerability analysis, penetration testing, code review, and SDLC support.

•	Provide expert advice and consultancy to customers on risk assessment, threat modeling and fixing vulnerabilities.

•	Design, implement and support security-focused tools and services.

•	Evangelize security and be an advocate for a positive approach to application security.

•	Write technical reports based on findings.

•	Deliver application security training courses.

Qualifications

Technical Skills

o	 Demonstrated proficiency with development frameworks and languages (Java, C/C++, .NET, C#).

o	Proficiency writing secure code

o	Experience working with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role).

o	Knowledge of and experience working with common application security tools (Fortify, AppScan, WebInspect etc.)

Consulting Skills

o	Project execution, strategy and management.

o	Understand the processes, methods, and techniques needed to ensure that project deliverables and outcomes are successfully developed, within scope and to the quality required.

o	Be able to manage issues and prospective changes, prepare project status reports, manage stakeholder communications and process project exceptions.

o	Identify and manage risks.

o	Be able to perform checkpoint and stage end reviews and generate management information.

o	Strong written and verbal communication.

Education and Experience

o	BS in Computer Science or equivalent required, MS preferred.

o	3-5 years of application security experience.

o	Experience in vulnerability testing and auditing.

o	Prior code audit/application penetration testing.

o	Knowledge of secure development practices and techniques including OWASP Top Ten.