Category: Information Security
Company Description: Leading Automotive Sales Website
Salary: Highly Competitive, Depending on Experience
Position Type: Permanent
Job Number: 10329
Senior Application Security Engineer
The Senior Security Engineer is a subject matter expert on our Engineering team, responsible for enhancing and supporting our client’s application security. An ideal candidate understands how to troubleshoot complex secure coding issues and has the ability to identify downstream impacts. The Senior Security Engineer is responsible for clearly communicating rationale and guidance for remediating security issues along with resolving problems using broad-based analysis and demonstrates coding techniques to support innovative solutions.
This position will support and enhances security infrastructure for a rapidly growing, cloud-based e-commerce. The Senior Security Engineer will also guide the development and maintenance of security policies, standards and guidelines, as well as mentors’ peers on security policies and practices. Additionally, they will collaborate with IT and DevOps to develop an information security road-map that ensures the safety of customer, internal, and 3rd-party data.
§ Support and enhance identity and access management infrastructure.
§ Design & evaluate application and database security elements to mitigate threats as they emerge.
§ Create & evaluate solutions that balance business requirements with information and security requirements.
§ Identify security design gaps in existing and proposed architectures and recommend changes/enhancements.
§ Identify application and database security gaps, evaluate and implement enhancements.
§ Monitors and mitigates application security vulnerabilities, ensuring timely resolution.
§ Other duties as assigned
§ Bachelor’s in Information Technology, Computer Science, Engineering or related field required
§ Master’s Degree preferred
§ 5+ years of full-time experience in dedicated, technical information security roles.
§ CISA, CISM, CISSP or similar certification preferable.
§ Strong knowledge of information security principles and practices.
§ In-depth knowledge of applications, systems, network and data security, telecommunications, security operations, and associated hardware, software and protocols
Nice to Haves
§ Experience with incident response and analysis, preferably in a leadership role.
§ Experience performing packet analysis.
§ Knowledge of host-based information security technologies.
§ Knowledge of Incident Analysis and response concepts and techniques.
§ Knowledge in the use of information security and networking tools such as; Nmap, Wireshark, Nessus and Kali Linux.
§ Knowledge of the security implications involving a variety of technologies including but not limited to; Microsoft, Cisco, Unix/Linux, EMC, and other market leaders in technology solutions, including mobile devices.
§ Knowledge of IDS/IPS, firewalls, proxies and other network security technologies.
Andiamo provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Andiamo complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
17 State Street, 8th floor
New York, New York 10004
Please Note: All inquiries will be treated with the utmost confidentiality. Your resume will not be submitted to any client company without your prior knowledge and consent.