Application Security Consultant

Company Name:
Open Systems Technologies
As an application security analyst working closely with the penetration testing team you will be expected to contribute both on an individual application basis as well as a global strategic basis to raise the application security posture across the organization, identify application security vulnerabilities through a combination of security assessment techniques, develop security standards and guidelines for applications, disseminate specialist application security knowledge to both the security and development communities and innovate towards the goal of establishing novel application security services.
10 + Years experience with Application security assessment techniques and their relative merits, including: SAST, DAST and manual assessment.
10 + Years experience with Application Security vulnerability knowledge including OWASP, SANS.
10 + Years experience with Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers.
Preferred Qualifications
Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
Awareness of emerging Application Security technologies
Knowledge of multiple programming languages: Java(J2EE/Android), C#.NET, C/++/JNI, Objective C
Experience working with web and mobile development projects as a developer or security subject matter expert
Knowledge of Secure Development Lifecycle methodologies, development platforms (Java and .NET etc)
Knowledge of middleware platforms (e.g. Websphere)
Knowledge of compilers, build processes, executable file formats and OS/VM execution environments (ARM/x86, iOS, Android, Windows, NIX, JVM, CLR etc)
Familiarity with web application multi-tier architectures and operation (session management etc)
Wider SDL activities such as threat modelling and design review

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.