Apply Now »
« Back to results
We have a Full Time opportunity available with our Nation-Wide FANG client that provides payment processing services, merchant services and related payment services. It also provides reloadable prepaid debit cards and payroll cards, and demand deposit accounts to the underbanked.
Responsibilities range from auditing code, architecture and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening.
Applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis. Candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud and cloud-hybrid architectures.
Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings
Provide SME support on secure code implementation, design and architecture.
Threat-modeling & risk analysis
Training
Participate in providing annual OWASP & PCI training for developers
Helps maintain updated Secure Coding Best Practices
Common application level vulnerabilities
Risk Management
Findings/vulnerability prioritization
Mitigation strategy
Controls Evaluation – Review, validate, recommend and create standards
Review of open-source development libraries for security risks
Web application firewall (WAF) rule development and implementation
Security technologies review and recommendations
What are the nice-to-have skills?
Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings Provide SME support on secure code implementation, design and architecture. Threat-modeling & risk analysis Bachelors of Computer Science or similar – 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development. Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews - Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure company information assets - Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people - Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team.
Qualifications: Bachelors of Computer Science or similar – 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development.
Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews -
Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure TSYS information assets -
Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people -
Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team.
Bachelors of Computer Science or similar
Application Security Architect - Security Operations/Cybersecurity
« Back to results
Job Info
Category | Security Operations/Cybersecurity |
Employment Type | Full-Time Employment |
Compensation | $103000.00 - $169000.00 |
Location | United States, AZ - 85284 |
Client Introduction
We have a Full Time opportunity available with our Nation-Wide FANG client that provides payment processing services, merchant services and related payment services. It also provides reloadable prepaid debit cards and payroll cards, and demand deposit accounts to the underbanked.
Job Description
Responsibilities range from auditing code, architecture and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening.
Applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis. Candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud and cloud-hybrid architectures.
Job Responsibilities
Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings
Provide SME support on secure code implementation, design and architecture.
Threat-modeling & risk analysis
Training
Participate in providing annual OWASP & PCI training for developers
Helps maintain updated Secure Coding Best Practices
Common application level vulnerabilities
Risk Management
Findings/vulnerability prioritization
Mitigation strategy
Controls Evaluation – Review, validate, recommend and create standards
Review of open-source development libraries for security risks
Web application firewall (WAF) rule development and implementation
Security technologies review and recommendations
Experience
What are the nice-to-have skills?
Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings Provide SME support on secure code implementation, design and architecture. Threat-modeling & risk analysis Bachelors of Computer Science or similar – 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development. Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews - Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure company information assets - Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people - Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team.
Required Experience
Qualifications: Bachelors of Computer Science or similar – 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development.
Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews -
Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure TSYS information assets -
Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people -
Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team.
Required Education
Bachelors of Computer Science or similar