Company:
Aloden, Inc.
Location: Seattle
Closing Date: 08/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description
Security Test Engineer Only W2 (Citizen, GC)
Location: Seattle, WA (Hybrid - 3 Days Onsite)
Contract Role
Candidate Preference: Local to Seattle, WA or nearby areas.
Role Overview:
As a Security Engineer/Tester, you will be responsible for performing authorized security assessments on critical, large-scale applications. You'll work proactively alongside developers to identify and address security vulnerabilities early in the development lifecycle. This role requires a self-directed individual with strong technical skills and a deep understanding of application security domains.
Required Skills:
Location: Seattle, WA (Hybrid - 3 Days Onsite)
Contract Role
Candidate Preference: Local to Seattle, WA or nearby areas.
Role Overview:
As a Security Engineer/Tester, you will be responsible for performing authorized security assessments on critical, large-scale applications. You'll work proactively alongside developers to identify and address security vulnerabilities early in the development lifecycle. This role requires a self-directed individual with strong technical skills and a deep understanding of application security domains.
Required Skills:
- Manual & Automated Testing: Experience in both manual and automated security testing of software.
- Web Technologies: Deep understanding of web application technologies, web protocols (HTTP, HTTPS), and browser technologies.
- Application Security: In-depth knowledge of application security domains, including Identity and Access Management (IAM) and various authentication technologies (passwords, biometrics, OTP, digital certificates & PKI, device authentication, FIDO U2F/Passkeys, etc.).
- Security Testing Tools: Proven expertise in using various security testing tools (proxy tools, black-box testing tools, static code analysis tools).
- Security Vulnerabilities: Comprehensive understanding of common application security vulnerabilities (OWASP Top 10, SANS Top 25, CWE) and attack patterns (CAPEC).
- Education: Bachelor's degree in computer science or equivalent experience.
- Soft Skills: Must be self-directed, able to work independently, and thrive in a team-oriented and fast-paced environment.
- Security Technologies: Experience with security technologies and standards like SSO (SAML/OpenID, OAuth), cryptographic algorithms (symmetric/asymmetric, digital signatures, JWS/JWE), and Hardware Security Modules (HSMs).
- Cloud Security: Understanding of security vulnerabilities in cloud environments.
- Certifications: Relevant security certifications are a plus.
- Threat Modeling & Secure SDLC: Familiarity with threat modeling concepts and secure development lifecycle processes.
- Mobile Security: Knowledge of mobile application security.
- Conduct manual and automated security testing on complex applications.
- Identify and report security vulnerabilities, providing remediation guidance.
- Collaborate with development teams to address security issues early in the development process.
- Stay updated on the latest security threats and vulnerabilities.
- Contribute to the improvement of security testing processes and tools.
Share this job
Aloden, Inc.