Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Application Security Engineer, London

from [iain] Network Security [Permanent Link]
Subject: [SJ-JOB] Application Security Engineer, London
Date: 18 Jul 2007 18:29:49 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Application Security Engineer
Location:       London, , United Kingdom
Type:           Permanent F/T

Closing Date:   2007-07-28


Application Security Analyst

Reference No.   SF-26
Company Leisure Industry
Location        London
Salary  Up to &pound;60,000
Package Potential 20% bonus + benefits package
Start Date      ASAP
No. Required    1
Reports To      Application Security Manager
The Role
There is an open position in the Application Security team for an enthusiastic 
and highly skilled Application Security Analyst who has a background in 
security and / or development. Candidates should be comfortable studying 
complex systems, able to identify application risks and threats, and be willing 
to recommending appropriate countermeasures.
The role involves interacting with development teams to ensure that production 
web applications are implemented with security in mind. Typical engagements 
involves conducting architectural / design reviews, code reviews, penetration 
tests, tracking new requirements and recommending improvements. The Application 
Security team is responsible for the security of all applications developed 
internally or externally. The role may also involve developing tools to 
automate certain security functions.
Key Responsibilities / Duties:
Understand the architecture of production systems including identifying the 
security controls in place and how they are used
Ability to review code of enterprise applications (java and oracle / SQL) by 
tracing the execution flow through an application and identifying possible 
security vulnerabilities.
Understand database weaknesses and security best practices
Ability to evaluate functional and technical specifications early within the 
software development life cycle and identify possible threats or areas of 
weakness based on the documentation. 
Write tools to automate certain security tasks
Keep understanding of vulnerabilities current
Key Working Relationships:
Liaise with development managers and quality assurance teams in the planning of 
projects to ensure security input is given and that security reviews are 
included in project schedule.
Ability to work in on multiple concurrent projects with multiple development 
teams, internal and external
Experience & Qualifications Required:
Essential:
5+ years working in the software / security industry
Security experience from previous projects
Desirable:
Java code review knowledge or experience
Security related qualifications (e.g. CISSP, CEH etc)
Knowledge of various security tools
Key Skills and Attributes:
Strong understanding of the Web Application threats.
Knowledge of software development security principles and best practices
Strong analytical and diagnostic skills
Expert knowledge of Java, JSP, Struts, .Net, Java Patterns, HTTP & SQL
Experience administering or securing Oracle databases
Strong understanding of three tier web applications.


JOB REQUIREMENTS
---------------------------------------------------
Candidates must be eligable to work in the UK when applying


CONTACT
---------------------------------------------------


Information Security Solutions
Iain Sutherland

iain@InformationSecuritySolutions.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Application Security Engineer, London, iain <=
Previous by Date:  [SJ-JOB] Sr. Security Analyst, Washington, leigh . scott
Next by Date:  [SJ-JOB] Sr. Security Analyst, San Antonio, dwc
Previous by Thread:  [SJ-JOB] Sr. Security Analyst, Washington, leigh . scott
Next by Thread:  [SJ-JOB] Sr. Security Analyst, San Antonio, dwc
Indexes:  [Date] [Thread] [Top] [All Lists]