|
Senior Java Security Engineer (Job #6259) - Washington DC
Location: Washington, DC
Posted On: 04/28/2024
Work with product teams and product owners to understand and formulate security requirements for large internet-facing, enterprise software applications.
• Serve as SME on application security and collaborate with software development teams to provide technical guidance to implement appropriate security solutions, mechanisms and/or controls that address business requirements.
• Consult on technical security issues/incidents as needed.
• Initiate and conduct manual/automated code reviews (via risk assessments)
• Act as a liaison between software engineers and Information System Security Office (ISSO)
• Conduct and coordinate vulnerability assessments and code-reviews of software application under development
• Conduct risk assessment planning sessions and results read-outs
• Experience writing automated unit tests.
• Experience in performing code reviews.
• Participate in Agile SCRUM activities such as daily standup, sprint planning and retrospective meetings
• Monitor the marketplace for application security related tools, conduct tool analysis and provide recommendations.
Requirements
Must have:
• 7+ years of Java/Enterprise Java development experience
• Expertise with application server technologies, Spring Framework, Spring Security, Web Services (JAX-RS/JAX-WS), REST and Hibernate
• In-depth knowledge of and experience with Java security technologies, Single-sign-on and identity management technologies
• Expertise with web system security concepts, including multi-factor authentication , authorization (RBAC), encryption/hashing, SAML (mandatory), LDAP
• Knowledge of cross-site scripting (XSS), session hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors
Desirable:
• Knowledge of TCP/IP, HTTP/S and related protocols
• Knowledge of network-based, system-level and application layer attacks and mitigation methods
• Experience with static code analysis tools including HP Fortify, FindBugs, PMD
• Knowledge of and experience with agile software development methodologies
• BS in Computer Science or related field More...
Register an account with us and set up job agents! We'll email you immediately when jobs like this are posted on our site.
|
|