Work with the brightest minds at one of the largest financial institutions in the world. This is long-term contract opportunity that includes a competitive benefit package!
Our client has been around for over 150 years and is continuously innovating in today's digital age. If you want to work for a company that is not only a household name, but also truly cares about satisfying customers' financial needs and helping people succeed financially, apply today.
Position: Senior Information Security Engineer
Location: Charlotte, NC, 28262
Term: 12 months
- Review test results from tools
- Ensure that automated tests are completed successfully
- Identify and remove any false positives from automated testing tool reports
- Triage & Disposition results and enforce a Bug Bar
- Verify/validate defect fixes
- Provide application security consulting SME Support to developers
- Assist developers with understanding of security defects and risk
- Assist in defining acceptable solution to fix defects
- Communicate and document security risks, issues and controls for security planning purposes with line of business liaisons
- Help maintain Security Coding Standards and Bug Bar as required
- Provide training Develop and review malicious use cases/threat models
- Lead or participate in computer security incident response activities for moderately complex events.
- Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies.
- Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards.
- Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security.
- Review and correlate security logs. Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity. Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives.
- Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals.
Is this a good fit? (Requirements):
- Certifications such as GPEN, GWAPT, OSCP, and CEH are desirable but not required.
- 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
- We are seeking 2 Senior Information Security Engineers to conduct dynamic application security testing (DAST) using automated penetration testing tools.
- Review test results from tools.
- Ensure that automated tests are completed successfully.
- Identify and remove any false positives from automated testing tool reports.
- Triage & Disposition results and enforce a Bug Bar.
- Verify/validate defect fixes.
- Provide application security consulting SME Support to developers.
- Assist developers with understanding of security defects and risk.
- Assist in defining acceptable solution to fix defects.
- Communicate and document security risks, issues and controls for security planning purposes with line of business liaisons.
- Help maintain Security Coding Standards and Bug Bar as required.
- Provide training.
- Develop and review malicious use cases/threat models.