Job Description

The purpose of this job is to maintain and monitor application security systems and procedures to safeguard the company’s information systems, networks and databases and to ensure compliance with security standards. 
Essential Functions 

1. Support application risk assessments in collaboration with other team members

2. Conduct code reviews, including interpretation of the results of SAST and DAST scans, and share issues with team for remediation

3. Assist in investigating network intrusion protection systems (NIPS), host intrusion protection systems (HIPS), and perimeter security alerts in collaboration with senior team members

4. Perform initial investigation and follow up on incident reports with senior team members

5. Respond to security and malware protection alerts and security-related incidents under supervision of senior team members

6. Analyze and investigate output from various security devices and share information about issues with the security team

7. Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks under supervision of senior team members

8. Review, triage, and prioritize control output

9. Promote information security policies, standards, guidelines, and procedures

10. Perform application security reviews and penetration testing under supervision of senior team members

11. Communicate security weaknesses, exploits, and vulnerabilities to the business and technical teams using both technical and non-technical terms

12. Maintain own knowledge by researching and mastering new concepts, technologies, and solutions toward ongoing tasks and deliverables

13. Model behaviors that support the company’s common purpose; ensure guests and team members are supported at the highest level

14. Ensure all activities are in compliance with rules, regulations, policies, and procedures 


* Bachelor’s degree in computer science, information systems or related field, or equivalent work experience required

* Minimum one year’s experience in information or application security required

* GSEC, GISF, or Security+ Certification preferred

* Minimum one year’s experience using one or more programming and scripting languages, i.e., HTML5, Java, Python, Ruby, Perl, Bash, PowerShell 

* Knowledge of key aspects of combined application and network penetration, AppSec, wireless security, and vulnerability management 

* Knowledge of security controls such as Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), International Organization for Standard-ization (ISO), National Institute of Standards and Technology (NIST)

* Knowledge of security attack methodologies, tools, and processes

* Up-to-date knowledge of security threats and defenses against threats

* Knowledge of penetration tools (e.g., Kali, Burp Suite, Qualys Guard, Cenzic, Metasploit, OWASP ZED, sqlmap, nosqlmap, WPScan, Nessus, NMAP)

* Familiarity with Cloud technology (e.g., AWS platform and services, Google Big Query/GCE/GCS) 

5508 Lonas Rd

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online