Information Security Engineer - Chandler, AZ
Develops specifications for extremely complex computer network security/protection technologies for company information and network systems/applications. Develops security solutions for the company's networks and virtual private networks, application systems, key public infrastructures, authentication and directory services to ensure the security of the network and confidential data. Identifies emergent vulnerabilities, evaluates associated risks and threats, and designs network vulnerability scans to identify security vulnerabilities and provides remediation alternatives to the customer. Serves as technical lead responsible for specific areas of computer security incident response activities to include intrusion detection monitoring, scanning, cyber threat reporting, and development/implementation of vulnerability mitigation strategies. Leads security risk assessments to ensure compliance with corporate security policies and adherence to best practices. Leads the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems. Serves as a high level technical security resource on large-scale network and/or systems/applications issues.
• 4+ years of hands-on experience in configuring software tools in various environments.
• 4+ years configuring IDEs as a developer (Eclipse and/or Visual Studio).
• Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
• Knowledge and understanding of security consulting on complex issues related to data access, integrity, confidentiality and business continuity
• Knowledge and understanding of Fortify Code Analyzer
• Knowledge and understanding of application or software security such as web application penetration testing, secure code review, secure static code analysis
• SAST (Static Analysis Software Testing) experience
• DAST (Dynamic Application Software Testing) experience
• Mainframe security experience
• Knowledge and understanding of information security threat management and mitigation domain
• Knowledge and understanding of information security tools development Unix and windows
• Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats.
• Certified Information Systems Security Professional (CISSP)
• Advanced Information Security technical skills and understanding of information security practices and policies
• Hands on experience with FOSS, and open source application development tools and repositories.
• Knowledge or experience with all or some of the following practices:
- threat modeling
- static analysis
- bug bars
- attack surface analysis
- risk/privacy assessments
- dynamic analysis
- design requirements.
• Advanced problem solving skills, ability to develop effective long-term solutions to complex problems.
• Exemplary people and communication (verbal and non-verbal) skills.
• Hands-on experience with application security coding.
• Specific banking domain experience with one or more of the following:
- Community Banking
- Consumer Leading
- Wealth Management
- Retirement Services and/or Wholesale Banking (Capital Markets)
• Ability to manage complex issues and develop solutions
• Knowledge and understanding Project Management experience / Technical Lead
• Certified Secure Software Lifecycle Professional (CSSLP)
• A BS/BA degree or higher in information technology
United States of America
Online / Full App
Folder Group ID
Apply for this Position
Job Title: Information Security Engineer
Location: Chandler, AZ
Job Type: Temp Position
Reference ID: 341431
Posted Date: 10/1/2018