Our direct client, a Top Tier Brokerage Firm, offering electronic trading platforms for the trade of financial assets including common stock...
Our direct client, a Top Tier Brokerage Firm, offering electronic trading platforms for the trade of financial assets including common stocks, preferred stocks, futures contracts, exchange-traded funds, options, cryptocurrency, mutual funds, and fixed-income investments, is looking for a strong Software Security Engineer. This role is a contract position located in their Jersey City, NJ Omaha, NE
At First Tier Technology, we believe the core strength of our organization lies with the people who are our most valuable assets and enablers of success. We view ourselves as enablers and providers of a positive and supportive environment, which motivates our employees, facilitates achievement, and creates consistent and high levels of performance. Our clients are some of the most highly regarded Financial Services & Investment Banks in the US!
Software Security Engineer
6 months++ Contract
Jersey City, NJ, and Omaha, NE
The Software Security Engineer ensures the control and protection of software, improve the software development process, and minimize vulnerabilities in software production.
Well qualified candidates for this position will demonstrate the following key traits:
- Prior to hands-on engineering experience on a Software Security or Application Security team
- Experience partnering with development teams to balance innovation and security concerns
- Capable of analyzing large amounts of disparate data to produce easily understandable content
- Ability to learn new systems, tools, and processes quickly.
Well qualified candidates will also demonstrate expertise in the following technical areas:
- Application engineering strategy and architecture design and experience in software development
- Ability to perform security code reviews with Java/Spring and various JS frameworks.
- Expert knowledge in application vulnerability types, attack vectors and remediation approaches
- Industry best practices for secure software development as well as web and mobile application security.
- Application penetration testing using BURP Suite and other open source pen-test tools.
- Prior experience with Imperva WAF policy and tuning a plus.
- Experience with vulnerability scanning tools such as Fortify, Blackduck, Checkmarx, Whitehat and Seeker.
- Working knowledge of authentication, authorization, access management, and encryption technology.
- Expert understanding of the IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS.
- Familiarity with well-known application security sources and standards such as OWASP.
- provided by Dice