Application Security Administrator
Globe Life corporate office is now hiring an Application Security Administrator.
As the Application Security Administrator and Penetration Tester you will focus on identifying and advising on the remediation of security flaws identified in legacy and in development applications.
Your responsibilities will include:
• Management of application testing tools such as HP Fortify, code review, penetration tests through 3rd party applications such as Metasploit or Core Impact and possible coding of custom test for verification of security flaws.
• Collaboration with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
In this position, you will partner with our cross functional engineering teams to continually improve product security by incorporating security in all phases of software development life cycle, develop, and identify tools to support automation of the development and delivery. You will need to understand application development processes and challenges faced by application developers regarding the security concerns with custom and open source code.
You should also possess an understanding of a commitment to industry best practices, security related concerns and a willingness to work toward the satisfactory resolution of conflicts toward meeting the business needs. You will perform architectural risk analysis and threat modeling, secure design and source code review, conduct security assessments, security testing and validation of vulnerability scan results while striving to incorporate security tools/tasks to automate product development and deployment.
• Bachelor’s degree in Computer Science, Information Systems, Business Administration or equivalent work experience.
• 5-7 years of experience in a variety of development languages and technologies or securing of such technologies.
• 10+ years of experience in a variety of development languages and technologies.
• Experience with Cloud (AWS) Security.
• Experience with Threat Vector Analysis.
• Previous experience with HP Fortify.
• Previous experience with Metasploit.
• Previous application development experience in a mid to large sized corporate environment.
• Software development experience including multi-tier software systems, distributed systems, service oriented software architectures, middleware, application frameworks, application integration.
• Network experience including security, hardware configuration, protocols, standards, topologies.
• Systems experience including monitoring, logging, systems management, administration.
• Understanding of malware code analysis and system exploitation techniques.
• Proficiency in building and automating efficient and effective scripts from scratch with languages such as Python, Node.js, sh, Perl, etc.
• Knowledge of application development processes and the software development life cycle.
• Understanding of general security concepts.
• Knowledge of Information Security Policies.
• Must be a proficient security technologist with a proven track record of doing security code reviews, application security architecture, and designing and implementing security best practices.
• Perform security architecture and design reviews of all systems and applications.
• Skill in Penetration Testing.
• Technical writing and documentation skills are a plus.
• Scripting language skills, including Powershell.
• Customer service and presentation skills are highly valued.
• Technical documentation skills.
• Ability to design and oversee implementations of software and system solutions.
• Ability to design and oversee implementations of entire software and system solutions.
• Supervision skills, conceptual skills, functional and technical skills.
We are an Equal Opportunity Employer.