This page is optimized for mobile devices, if you would prefer the desktop version just
click here
Company:
Target Labs Inc
Posted: July 2, 2024
The Application Security Engineer (ASE) is responsible for promoting, designing, and evaluating application security in all phases of the application life cycle.
The ASE shall ensure that appropriate and effective security techniques and solutions are identified, implemented, and used.
Essential Job Functions:
Software Security Assessment:
• Evaluate applications for appropriate and effective use of security controls using tools and techniques such as source code analysis, vulnerability scanners, and manual testing techniques.
Application Security Control Development:
• Provide expert guidance to developers on the appropriate selection and implementation of relevant application security controls.
Security Awareness Training:
• Design, develop and deliver presentations focused on raising awareness for crucial security relevant considerations and defensive programming techniques.
Contract Security Provision Review:
• Work with business stakeholders and legal services to evaluate service agreements with Application Service Providers (ASPs), and provide expert guidance related to security provisions necessary to help ensure the necessary visibility and rights needed to protect our data and meet our commitments.
Other Job Functions:
Participate in research of information security technologies (in the areas of application and application infrastructure components) and propose ideas for new security service development.
Participate in all aspects of security service development projects including the following project phases:
business case development, requirements gathering, architecture development, product/service selection and procurement, functional & QA testing, detailed technical design, technology infrastructure implementation and deployment, migration from existing services, operational process and procedure documentation, operations staff training, and internal marketing of security services.
Advise and consult internal clients on appropriate application of security practices and existing security services to solve problems or enable new business opportunities.
Deliver previously developed information security services in support of corporate needs including:
requirements gathering, technical design, service deployment and integration, migration, operational transition, end user documentation, user training.
In support of various enterprise IT initiatives, recommend, customize, implement, document, and transition to operations reusable technical security service components including application level intrusion detection systems, authentication systems, authorization systems, audit trail management systems, cryptographic systems, and others as defined by management.
Research and implement new security technologies to be used as point solutions for IT initiatives unable to take advantage of or needing greater functionality than reusable enterprise security services.
Recommend new security service development ideas based on accumulated knowledge of project-specific security requirements.
Identify and implement improvements to application security team processes and supporting software tools (Java and C#/ASP based) to continually improve the team's effectiveness and efficiency.
Serve as subject matter expert on application and information security technologies and methodologies.
Perform other duties and responsibilities as assigned.
Essential Education/Experience Requirements:
• Bachelor of Science in Computer Science, or equivalent education or experience.
Emphasis in software security a plus.
At least three (3) years of professional experience, including:
• Two (2) or more years in software engineering and development with emphasis on the delivery of secure, Internet-exposed, multi-tier, web-based systems using Java/J2EE and/or C#/ASP/.NET (experience with both a plus).
• At least one (1) year of hands-on experience evaluating the security of applications using both manual and automated techniques.
Relevant tool experience should include code security scanners such as Fortify SCA, web vulnerability scanners such as HP WebInspect or IBM Rational AppScan, assessment support tools such as BurpSuite, Metasploit, Core Impact, etc… .
Strong written and verbal communication skills.
Specific relevant experience may include technical reports (especially application security assessment reports), technical whitepapers, presentation development and delivery (for both technical and business audiences), technical training, etc.
Candidate should have experience making and defending sound technical arguments that incorporate relevant technical and business considerations, and building consensus among stakeholders
Other Desirable Experience:
Security-related experience with the following:
• Providing software architecture security guidance, including developing application threat models and methodically protecting against business logic and design flaws that could introduce security vulnerabilities.
• Web Application Firewalls such as Imperva SecureSphere and Breach WebDefend.
• Design patterns and coding standards for secure software.
• Secure configuration and operation of Application Servers, Web Servers, Directory Servers, Media/Content Servers, Messaging Servers, Database Servers, and Integration Servers.
• Application authentication & authorization systems such as RSA ClearTrust and Netegrity Siteminder.
• Application layer intrusion detection systems such as Sanctum AppShield, or Kavado.
• Knowledge of PKI systems such as RSA Keon.
• Knowledge of cryptographic tool kits for application development such as RSA BSAFE or others.
• Knowledge of and experience with built-in and add-on security capabilities of common application infrastructure components such as MS SQLServer, Oracle, MS IIS, iPlanet Directory, MS Active Directory, MQSeries, MSMQ, MS Exchange.
• Knowledge of general application security API's and protocols such as:
MS CryptoAPI, Kerberos, SSL/TLS, SAML, S/MIME, and PKCS API's.
• End-to-end, hands-on experience in security solutions for complex enterprise architectures.
• Knowledge of cryptographic solutions for protection of data in use, in transit and at rest, such as:
Masking, SSL/TLS, IPSec, format preserving encryption & sanitization, etc….
• Knowledge of security considerations related to virtualization and cloud computing.
• Mobile Application Security on iOS and/or Android devices; includes experience in secure development of applications and/or analysis.
Financial services industry (Insurance, Banking, Investments) experience a plus.
•
The ASE shall ensure that appropriate and effective security techniques and solutions are identified, implemented, and used.
Essential Job Functions:
Software Security Assessment:
• Evaluate applications for appropriate and effective use of security controls using tools and techniques such as source code analysis, vulnerability scanners, and manual testing techniques.
Application Security Control Development:
• Provide expert guidance to developers on the appropriate selection and implementation of relevant application security controls.
Security Awareness Training:
• Design, develop and deliver presentations focused on raising awareness for crucial security relevant considerations and defensive programming techniques.
Contract Security Provision Review:
• Work with business stakeholders and legal services to evaluate service agreements with Application Service Providers (ASPs), and provide expert guidance related to security provisions necessary to help ensure the necessary visibility and rights needed to protect our data and meet our commitments.
Other Job Functions:
Participate in research of information security technologies (in the areas of application and application infrastructure components) and propose ideas for new security service development.
Participate in all aspects of security service development projects including the following project phases:
business case development, requirements gathering, architecture development, product/service selection and procurement, functional & QA testing, detailed technical design, technology infrastructure implementation and deployment, migration from existing services, operational process and procedure documentation, operations staff training, and internal marketing of security services.
Advise and consult internal clients on appropriate application of security practices and existing security services to solve problems or enable new business opportunities.
Deliver previously developed information security services in support of corporate needs including:
requirements gathering, technical design, service deployment and integration, migration, operational transition, end user documentation, user training.
In support of various enterprise IT initiatives, recommend, customize, implement, document, and transition to operations reusable technical security service components including application level intrusion detection systems, authentication systems, authorization systems, audit trail management systems, cryptographic systems, and others as defined by management.
Research and implement new security technologies to be used as point solutions for IT initiatives unable to take advantage of or needing greater functionality than reusable enterprise security services.
Recommend new security service development ideas based on accumulated knowledge of project-specific security requirements.
Identify and implement improvements to application security team processes and supporting software tools (Java and C#/ASP based) to continually improve the team's effectiveness and efficiency.
Serve as subject matter expert on application and information security technologies and methodologies.
Perform other duties and responsibilities as assigned.
Essential Education/Experience Requirements:
• Bachelor of Science in Computer Science, or equivalent education or experience.
Emphasis in software security a plus.
At least three (3) years of professional experience, including:
• Two (2) or more years in software engineering and development with emphasis on the delivery of secure, Internet-exposed, multi-tier, web-based systems using Java/J2EE and/or C#/ASP/.NET (experience with both a plus).
• At least one (1) year of hands-on experience evaluating the security of applications using both manual and automated techniques.
Relevant tool experience should include code security scanners such as Fortify SCA, web vulnerability scanners such as HP WebInspect or IBM Rational AppScan, assessment support tools such as BurpSuite, Metasploit, Core Impact, etc… .
Strong written and verbal communication skills.
Specific relevant experience may include technical reports (especially application security assessment reports), technical whitepapers, presentation development and delivery (for both technical and business audiences), technical training, etc.
Candidate should have experience making and defending sound technical arguments that incorporate relevant technical and business considerations, and building consensus among stakeholders
Other Desirable Experience:
Security-related experience with the following:
• Providing software architecture security guidance, including developing application threat models and methodically protecting against business logic and design flaws that could introduce security vulnerabilities.
• Web Application Firewalls such as Imperva SecureSphere and Breach WebDefend.
• Design patterns and coding standards for secure software.
• Secure configuration and operation of Application Servers, Web Servers, Directory Servers, Media/Content Servers, Messaging Servers, Database Servers, and Integration Servers.
• Application authentication & authorization systems such as RSA ClearTrust and Netegrity Siteminder.
• Application layer intrusion detection systems such as Sanctum AppShield, or Kavado.
• Knowledge of PKI systems such as RSA Keon.
• Knowledge of cryptographic tool kits for application development such as RSA BSAFE or others.
• Knowledge of and experience with built-in and add-on security capabilities of common application infrastructure components such as MS SQLServer, Oracle, MS IIS, iPlanet Directory, MS Active Directory, MQSeries, MSMQ, MS Exchange.
• Knowledge of general application security API's and protocols such as:
MS CryptoAPI, Kerberos, SSL/TLS, SAML, S/MIME, and PKCS API's.
• End-to-end, hands-on experience in security solutions for complex enterprise architectures.
• Knowledge of cryptographic solutions for protection of data in use, in transit and at rest, such as:
Masking, SSL/TLS, IPSec, format preserving encryption & sanitization, etc….
• Knowledge of security considerations related to virtualization and cloud computing.
• Mobile Application Security on iOS and/or Android devices; includes experience in secure development of applications and/or analysis.
Financial services industry (Insurance, Banking, Investments) experience a plus.
•
Read the full job description and apply online on the recuiter's web-site
Related Job Postings
Bus Person
Company:
Bob Evans
Posted: July 21, 2024
Our Purpose: • We pride ourselves on serving high quality farm fresh food at Bob Evans! We are AMERICA'S FARM FRESH! We work hard, pay attention to details (perfect plates, perfect bags), and provide our guests with the best, all-around family dining experience. We have immense pride in our culture
read more...
Civil Estimator
Company:
gpac
Posted: July 21, 2024
• Positions: Civil Estimator • Experience: 5-10+ years • Description: • One of my highly reputable clients in the DMV is looking to add a solid Estimator to their team. This client of mine is known for their strong employee retention and does a lot of company gatherings. It is actually one of my
read more...
Cashier
Company:
Corner Bakery
Posted: July 21, 2024
Description: • Position Summary: • Responsible for creating and facilitating an environment focused on guest relations while ensuring the financial integrity of each transaction throughout the shift. Verifies initial cash. Answers phone calls. Responsible for making coffee/tea, cooking soups, set up
read more...
Cloud Platform Engineer
Company:
The Swift Group
Posted: July 21, 2024
The Swift Group is seeking a highly motivated and experienced Cloud Platform Engineer with experience in Cloud technology (AWS), Python programming skills, and a strong Linux foundation. • Will significantly contribute to the development of custom software components and integration of open-source
read more...
Mechanical Engineering Internship
Company:
RCT Systems
Posted: July 21, 2024
RCT Systems, Power Systems Division, is seeking highly qualified Mechanical Engineering interns to join our team for the summer. Engineering interns will focus on one of several different areas including: • Perform packaging/layout of complex converter systems • Designing and building of test stands
read more...
Integration Engineer
Company:
Piper Companies
Posted: July 20, 2024
Piper Companies is seeking an Integration Engineer to join an established Healthcare organization located in Maryland for a contract to hire opportunity. This position is REMOTE. The Integration Engineer will create, configure, and maintain data connections. The Integration Engineer will also
read more...
Senior Database Engineer
Posted: July 20, 2024
Senior Database Engineer, Clearance Required - TS/SCI w/Polygraph • Please note, this position requires all candidates to currently possess an active Top-Secret SCI Clearance with a Polygraph. This position is not an opportunity to be sponsored or nominated for a government security clearance. • The
read more...
Cloud Software Engineer
Company:
Belay Technologies
Posted: July 21, 2024
Belay Technologies has been voted Baltimore Business Journal's (BBJ) Best Places to Work 2019, runner up in 2020 and a finalist in 2021! • Belay Technologies is seeking a Cloud Software Engineer to join our intel team. • Candidates should have the following qualifications: • TS/SCI Clearance with
read more...
Enterprise Architect
Company:
LinQuest
Posted: July 20, 2024
Position Summary: • • LinQuest is seeking an Enterprise Architect to support our USSTRATCOM Nuclear Command, Control, and Communications (NC3) Enterprise Center Systems Engineering & Integration (SE&I) customer at Ft. • Meade, MD. • Our customer serves as principal enterprise systems engineering,
read more...
Cashier
Company:
Whole Foods
Posted: July 21, 2024
Job Summary: • Cashiers at Whole Foods are the face of the company and are responsible for making a positive impact on shoppers. The cashier will scan the customers' selections, ensure that prices and quantities are accurate, accept payments, issue receipts, answer inquiries, and provide helpful
read more...
Junior Software Engineer
Company:
Nightwing
Posted: July 21, 2024
Date Posted: • 2024-02-08 Country: • United States of America Location: • MD233: • 420 National Business Parkway 420 National Business Parkway Suite 400, Annapolis Junction, MD, 20701 USA Position Role Type: • Onsite You have been redirected to RTXs career page as we have recently transitioned from
read more...
Senior Product Owner
Company:
Marriott
Posted: July 21, 2024
JOB SUMMARY • Reporting directly to the Director - Messaging & Collaboration, the Senior Product Owner - Entra ID/Active Directory is responsible for the design, implementation, maintenance, and optimization of the Entra ID/Active Directory infrastructure. • They will work closely with IT teams,
read more...
Retail Sales Associate
Company:
Staples
Posted: July 20, 2024
*Retail Sales Associate* *Function: Retail Locations* *Address: 2631 Housley Road* *City / State: Annapolis, MD US* *Date Posted: February 26, 2022* *Type: Part-time* *Permanent / Contract: Regular* *Job Number: 1203294* *Description* Staples Connect is focused on our customer and our community,
read more...
Senior Software Engineer
Company:
Science and Technology Corp
Posted: July 21, 2024
Job Title • Senior Software Engineer • Location • ABERDEEN PROVING GROUND, MD 21005 US (Primary) • Category • Engineering, General Laborer • Job Type • Full-Time • Compensation Minimum (USD) • $100,000 • Compensation Maximum (USD) • $135,000 • Education • Bachelor's Degree • Minimum Citizenship
read more...
Senior Software Developer
Company:
Parsons Company
Posted: July 21, 2024
In a world of possibilities, pursue one with endless opportunities. Imagine Next! • When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace where you can be
read more...
Field Sales Representative
Company:
Techtronic Industries TTI
Posted: July 21, 2024
About Us: • TTI (Techtronic Industries) is a fast-paced, high energy, organization that rewards out-of-the-box thinking to foster innovation allowing us to be the best in our industry. • We provide a multi-faceted training program and hands-on field experience that will stimulate, challenge, and
read more...
Patient Care Technician
Company:
FRESENIUS MEDICAL CENTER
Posted: July 21, 2024
About this role: As a Patient Care Technician (PCT) at Fresenius Medical Care, you play a vital part in supporting people who entrust us with their care, their families, and your fellow care team members. You will build deep relationships with patients when they come into our clinic. How you grow or
read more...
Accounting Clerk
Company:
J B A Automotive
Posted: July 21, 2024
J.B.A. Chevrolet is in search of a full-time accounting clerk to join our team! In this role you will be an integral part of the accounting team by learning multiple aspects of the accounting office from the desk receptionist to assisting with deal processing as well as accounts receivable.
read more...
Lead Primary Care Physician
Company:
AbsoluteCARE Inc
Posted: July 20, 2024
AbsoluteCare is seeking a dynamic, mission-driven clinical leader to put the principles of team-based collaborative care and population health into action for our medically complex & socially vulnerable members. • AbsoluteCare is designed to care for society's most complex patients under innovative
read more...
Cashier
Company:
Snipes
Posted: July 20, 2024
SNIPES CashierPart Time Regular • We live sneakers, streetwear, and neighborhood culture! All Day! Every Day! • With more than 750 stores in Europe and the USA, SNIPES is one of the leading sneaker and streetwear retailers worldwide. Since opening its first store in Essen, Germany in 1998, SNIPES
read more...
Junior Software Engineer
Company:
Base2 Solutions
Posted: July 21, 2024
Annual Salary Range: • • $110,000 to $140,000 with Full Benefits to include Health/Dental/Vision and PTO. • Description: • • Base-2 Solutions is looking for a top-notch software engineer to join our team. We are driven to solve challenging customer problems by leveraging innovative technical
read more...
Cashier
Company:
Costco
Posted: July 21, 2024
Job Title: Cashier • Employer: Costco As a Cashier at Costco, you will be responsible for providing exceptional customer service while accurately and efficiently processing customer purchases. You will handle cash, credit, and debit transactions, ensure proper pricing, and assist customers with
read more...
Senior Process Automation Engineer
Company:
GEA Group
Posted: July 21, 2024
Responsibilities / Tasks • Join us as an Industrial Automation Engineer and: • Lead project teams in designing, testing, and commissioning industrial electrical and automation systems. • Provide technical mentoring, leadership, and training to project teams. • Ensure top-notch quality by conducting
read more...
Associate Dentist
Posted: July 20, 2024
*Please note: this position is located in Baltimore, MD. • Overview: • Work for a company that is truly making the world a happier place, one smile at a time! At Benevis, we create over a million smiles a year in the communities we serve and believe that every person deserves access to quality,
read more...
Certified Medical Assistant
Company:
Chesapeake Specialty Care
Posted: July 20, 2024
We are seeking a skilled and compassionate Medical Assistant to join our healthcare team. As a Medical Assistant, you will play a crucial role in providing quality patient care and ensuring smooth clinic operations. Responsibilities: - Assist healthcare providers in delivering patient care,
read more...
CAD Designer
Company:
SAIC
Posted: July 21, 2024
Description • SAIC is seeking a CAD Designer to support the U.S. Army Combat Capabilities Development Command (CCDEVCOM), Engineering and Systems Integration (ESI) Directorate, Quick Reaction Capability (QRC) Branch. • This position is on-site in Aberdeen, MD. SAIC provides relocation assistance. •
read more...
Associate Veterinarian
Company:
Muddy Branch Veterinary Center
Posted: July 21, 2024
Muddy Branch Veterinary Center is a privately owned, AAHA accredited hospital serving the Gaithersburg, MD community for 25+ years. • Our state-of-the-art facility is equipped with the latest technology to allow our doctors to practice the most up-to-date medical care for our patients. • Our clients
read more...