Application Security Engineer

Technology Remote, United States Radnor, Pennsylvania Providence, Rhode Island


Description

Job Summary

This candidate is responsible for securing eMoney Advisor’s information technology environment. Reporting into the SVP Security and IT Operations, the candidate will be accountable for managing the day-to-day security of eMoney’s suite of SaaS and internal applications. eMoney is looking for a “hands-on” Information Security Analyst to ensure the confidentiality, integrity and availability of our applications and client data.

Job Responsibilities

  • Assist in evaluating, planning, configuration, and implementation of new/existing security applications/tools
  • Systematically address application security issues and develop secure coding practices for multiple development teams
  • Integration of application authentication, encryption, authorization, and access control
  • Provide mitigation strategies for applications from infrastructure, architecture, and secure coding perspectives
  • Utilize application security scanning tools such as HPE Fortify to interpret reports and validate identified vulnerabilities and associated risks
  • Utilize source code scan tools such as Fortify, or Checkmarx to assist application development teams to apply the best practice for application security and catch potential vulnerabilities at early stage
  • Proactively work with team members to address security and compliance issues
  • Provide education and assistance to application developers for applying Security Software Development Life Cycle
  • Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle

 

 

 

Requirements

  • A Bachelor’s degree in Computer Science or related engineering field with training in software security
  • Strong software engineering background with extensive experience working in complex enterprise environments implementing software development lifecycles
  • Experience in HTML, CSS, and JavaScript

 

Skills

  • Extensive experience in addressing web application security issues, such as those outlined in OWASP Top 10
  • Strong knowledge of application security throughout the software lifecycle
  • Experience developing secure coding practices with C#, Asp.Net (MVC and WebForms), HTML/CSS, Sql Server
  • Strong knowledge and experience in securing an application’s integration with relational database management systems such as MS SQL
  • Experience using Tenable Security Center and validating identified vulnerabilities
  • Proven ability to ensure applications are secure throughout the software lifecycle
  • Ability to perform manual and automated testing to identify vulnerabilities such (BurpSuite Pro, Fiddler, Netsparker, etc.)
  • Knowledge of security in both Linux and Windows environments as it pertains to Web application hosting, middleware (IIS, Apache, Tomcat, PHP, ColdFusion, Ajax), and databases (Oracle, MySQL, MS SQL Servers)
  • Software Security Certifications, such as Certified Secure Software Lifecycle Professional (CSSLP) is a big plus
  • Excellent communication skills including presentation and documentation.
  • Strong capability in evaluating application security related products

eMoney Advisor is the creator of the leading wealth-planning technology for financial professionals and firms, offering the cutting-edge solutions needed to succeed as the regulatory environment shifts, investor expectations change, and the industry landscape becomes increasingly competitive. Not only do our solutions help financial professionals streamline their workflow and add efficiency to their business, they also — more importantly – create an unmatched, interactive client experience that builds trust and strengthens the advisor-client relationship. Though we’re driven to lead through innovation, the defining principle of eMoney’s existence will always remain the same: an unwavering dedication to helping advisors and their clients succeed.