Application Security Architect

  • Job Reference: 85670669-2
  • Date Posted: 10 April 2019
  • Recruiter: Wayne County Department of Technology
  • Location: Detroit, Michigan
  • Salary: On Application
  • Sector: Education/Training
  • Job Type: Permanent

Job Description

PurposeDescription The Software Security Analyst will assist the Network Security Team Lead in developing a Software Security Testing program for both internally and externally developed systems. The Software Security Analyst will work with the in-house Applications development team andor on project teams for new systems being introduced to the network environment. Education and Experience Bachelor's Degree in Computer Science of a related discipline is preferred Minimum 3 years in a Software Security position with a strong background in User Authentication. Knowledge Must have a strong knowledge of web application security best practices (C, ASP.NET, VB.NET, Classic ASP) Experience in Penetration Testing is a must. Knowledge in Python and Python scripting. SQL DB testing - Proficient in SQL injection and form validation. Should also have a strong background in SQL querying. High level of knowledge in Web services and Web Services API frameworks. Linux experience as a Security tool is a plus (i.e. Kali, etc.) Skills Linux Python ASP.net OWASP SQL Active Directory Scripting Knowledge of the MITRE Framework. Task bull The primary role of this position will be to perform application security testing for applications developed both in house, or purchased from a vendor. bull Mobile platforms (iPhone, Android, QNX) and mobile software development bull Hands on experience with system attack and penetration testing tools, such as metasploit and others bull Experience developing in QNX and other embedded operating systems bull Experience in developing personal and enterprise security products bull Develop a DEVOPs program to ensure a Development Lifecycle is followed using OWASP and other industry standards. bull Understanding of enterprise platforms (JavaEE, .NET), Cloud Computing, Web Services principles and Service Oriented Architecture (SOAs) and frameworks such as Spring. bull Ensure that best practices are used in the development and implementation of new system software. bull Assist with malware and other malicious code analysis. bull Contribute to the development of a Penetration Testing strategy including Web services testing, wireless testing, and application pen testing. bull Assist with analysis and assessment of security risks. bull Experience with malware analysis tools and techniques bull Ensure protection of all classified data (HIPAA, PII, PHI, and CJIS).