Labur - Ottawa, IL
posted about 2 months ago
We are seeking a skilled Application Security Engineer with penetration testing skills to join an elite application security team. In this role, you will lead the evaluation of features and products, conduct comprehensive penetration tests, and document findings according to industry best practices. As a key member of the group, you will advocate for and implement software security best practices, assist stakeholders in designing secure features, and develop detailed threat models for proposed projects. This position is critical in ensuring the security of our applications and will involve collaboration with various teams to enhance our security posture. As part of your responsibilities, you will engage in vulnerability management by collaborating with external partners to replicate and address reported security issues. You will work closely with R&D teams to create and apply effective fixes. Additionally, you will oversee automated assessments by reviewing and validating results from automated vulnerability assessment tools, ensuring accurate detection and minimizing false positives. Your expertise will also be utilized in conducting thorough penetration tests using both manual techniques and automated tools to provide a comprehensive security assessment. You will play a vital role in developer training by educating developers on security best practices through the creation and delivery of engaging training materials. The position requires independent operation, where you will plan and carry out penetration tests, demonstrating your expertise in identifying vulnerabilities and recommending effective solutions. As a security advocate, you will promote robust software security practices and contribute to a culture of security awareness within the organization. Furthermore, you will collaborate with stakeholders to design, develop, and test features with a strong emphasis on security, and develop threat models for proposed features, providing insightful recommendations and defensive strategies.