Labur - Ottawa, IL

posted about 2 months ago

Full-time - Mid Level
Remote - Ottawa, IL
Administrative and Support Services

About the position

We are seeking a skilled Application Security Engineer with penetration testing skills to join an elite application security team. In this role, you will lead the evaluation of features and products, conduct comprehensive penetration tests, and document findings according to industry best practices. As a key member of the group, you will advocate for and implement software security best practices, assist stakeholders in designing secure features, and develop detailed threat models for proposed projects. This position is critical in ensuring the security of our applications and will involve collaboration with various teams to enhance our security posture.

As part of your responsibilities, you will engage in vulnerability management by collaborating with external partners to replicate and address reported security issues. You will work closely with R&D teams to create and apply effective fixes. Additionally, you will oversee automated assessments by reviewing and validating results from automated vulnerability assessment tools, ensuring accurate detection and minimizing false positives. Your expertise will also be utilized in conducting thorough penetration tests using both manual techniques and automated tools to provide a comprehensive security assessment.

You will play a vital role in developer training by educating developers on security best practices through the creation and delivery of engaging training materials. The position requires independent operation, where you will plan and carry out penetration tests, demonstrating your expertise in identifying vulnerabilities and recommending effective solutions. As a security advocate, you will promote robust software security practices and contribute to a culture of security awareness within the organization. Furthermore, you will collaborate with stakeholders to design, develop, and test features with a strong emphasis on security, and develop threat models for proposed features, providing insightful recommendations and defensive strategies.

Responsibilities

  • Collaborate with external partners to replicate and address reported security issues, working with R&D teams to create and apply effective fixes.
  • Review and validate results from automated vulnerability assessment tools, ensuring accurate detection and minimizing false positives.
  • Conduct thorough penetration tests using both manual techniques and automated tools to provide a comprehensive security assessment.
  • Educate developers on security best practices by creating and delivering engaging training materials as needed.
  • Independently plan and carry out penetration tests, demonstrating expertise in identifying vulnerabilities and recommending effective solutions.
  • Promote and advocate for robust software security practices and contribute to a culture of security awareness.
  • Work with stakeholders to design, develop, and test features with a strong emphasis on security.
  • Develop threat models for proposed features, providing insightful recommendations and defensive strategies.

Requirements

  • At least 3 years of experience in application penetration testing combined with software engineering skills.
  • 3+ years of experience with enterprise software/systems using languages such as C#, Java, Ruby, Go, Python, etc.
  • Demonstrated ability to create detailed penetration test reports tailored for both executive and developer audiences, including prioritization and mitigation strategies.
  • Strong familiarity with the OWASP testing guide and industry-standard security practices.
  • Knowledge of various web frameworks and technologies, including JavaScript, XML, SOAP, and JSON.

Benefits

  • Highly competitive base salary plus bonus program
  • Health insurance plan
  • 401(k)
  • Generous PTO policy
  • Hybrid-remote work environment