The Senior Application Security Analyst will be responsible for integrating security into the development of exciting new application platforms at Wireless Generation. The individual will be embedded in the product development team with a dotted-line reporting relationship to the WG Chief Information Security Officer. The Senior Application Security Analyst will work closely with the product development team to threat model the early architecture and identify required control points in the application. The Senior Application Security Analyst will also work closely with developers to diagnose, document, and remediate application security vulnerabilities.
Apply here: http://ch.tbe.taleo.net/CH14/ats/careers/requisition.jsp?org=WIRELESSGENERATION&cws=1&rid=2886
This position may be funded, in whole or in part, through American Recovery & Reinvestment Act funds
Wireless Generation is an Equal Opportunity Employer, M/F/D/V.
Conduct threat modeling of large-scale mobile application platform
Proactively work with teams to identify required control points in mobile applications
Perform mobile application security assessments, code reviews, and application penetration tests
Use automated and manual code review techniques to identify application security vulnerabilities
Lead code reviews across a variety of languages and technical platforms
Document vulnerabilities and work with developers on vulnerability mitigation
Bachelor degree in computer science or related discipline, or equivalent.
3+ years’ experience threat-modeling and code reviewing complex applications
Solid experience with code audit vulnerability testing and threat modeling
Demonstrated expertise in Java and expertise in both server-side and client-side security issues.
Experience working with common application security tools such as Fortify, WebInspect, etc.
Experience conducting penetration tests
Ability to evaluate technical specifications and identify, document, and explain security vulnerabilities, threats, and risks
Security certifications such as CISSP or SANS GIAC a plus
Knowledge of secure development techniques including the OWASP Top 10
Strong written and verbal communication skills and the ability to interact well with different levels within the organization