Application Security Engineer at Jack Henry & Associates, Inc.® () (allows remote)

Jack Henry & Associates is seeking an Application Security Engineer to join the Chief Information Security Officer ‘s Enterprise Information Security Group. This position is part of a small team of experienced security analysts that works with all internal development teams to assess application security threats across the organization. Must possess strong communication and interpersonal skills. This position will be responsible for testing and analyzing applications for security weaknesses and vulnerabilities. This position will be hired to work Remote and travel is up to 5% to attend meetings, conferences and or additional training.

The Application Security Engineer should possess basic knowledge of application security, including security concepts and secure coding principles such as the OWASP Top 10 and the Center for Internet Security (CIS) Top 20.  Applicant should be familiar with security/penetration testing concepts and be familiar with common testing tools like web proxies such as Rapid7 AppSpider, and or Burpsuite Pro.

Applicant should have familiarity with programming in at least one of the following languages: .NET (ASP, C#), JavaScript, HTML, and be able to read and understand basic code and programming concepts, as well as concepts related to how software is commonly deployed (ex, common web application architectures). Familiarity with SDLC, threat modeling, and other aspects of software security and architectural analysis is a plus.  If you are interested in this position please apply on or before March 19, 2018.

MINIMUM QUALIFICATIONS

• 
  
• Must have a minimum of 18 months of experience in information security or web application development.
• 
  
• Must have experience with application security testing tools such as:  IBM AppScan, HP Webinspect, Accunetix, Rapid7 AppSpider, and or Burpsuite Pro.
• 
  
• Must have experience with OWASP tools and or methodologies in HTTP and web programming.
• 
  

PREFERRED SKILLS

• 
  
• Bachelor’s degree in Information Technology is preferred.
• 
  
• Security certifications (e.g., CISSP, CEH, GWEB) preferred.
• 
  
• Experience with web development technologies such as HTML, CSS, and JavaScript is preferred.
• 
  
• Experience with web service technologies such as REST, XML, SOAP, and AJAX is preferred.
• 
  
• Knowledge of common security requirements within web based applications is preferred.
• 
  

ESSENTIAL FUNCTIONS

• 
  
• Perform application security assessment and penetration testing.
• 
  
• Perform manual and/or automated security reviews across a variety of application platforms.
• 
  
• Follows up on application security assessment with development teams.
• 
  
• Participates as needed in documenting software security standards, guidelines, policies and procedures.
• 
  
• Acts as a resource on assigned projects.
• 
  

Equal Employment Opportunity

Applicants for U.S. based positions with Jack Henry & Associates must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.

Jack Henry & Associates, Inc. is an Equal Employment Opportunity/Affirmative Action Employer and maintains a Drug-Free Workplace.

Females, minorities, veterans, and individuals with disabilities are encouraged to apply.

by via developer jobs - Stack Overflow