Free State Project Forum


Author Topic: Application Security Lead - Penetration Tester - Salem  (Read 1486 times)

Rich T.

Application Security Lead - Penetration Tester - Salem
« on: August 29, 2012, 09:19:04 am »

Application Security Lead - Penetration Tester

JPMorgan Chase - Salem, NH

Job Description

JPMC's Card Services division is looking for an Application/Software Security Lead to be a subject matter expert in software security, perform application penetration testing, manage application security assessment programs, and guide development of secure application architectures. Specific expectations include:
· Working closely with development and architecture teams to define security requirements, build secure architecture design models, and drive security initiatives.
· Maintaining the use of static code & dynamic application analysis tools within the systems development lifecycle to assist with identifying and preventing issues early on in the development lifecycle.
· Performing application security penetration and vulnerability testing against high risk applications.
· Creating, maintaining, and presenting metrics that measure the effectiveness of the application risk management efforts over time.
· Performing research as necessary on reported issues and emerging risks to identify best-practice solutions.
· Assisting management in prioritizing remediation efforts appropriately.
· Actively participating in firm-wide Information Risk Management forums to contribute and be influential in delivering a firm-wide security program.
· Developing and presenting Security Awareness materials relating to Application Security.

Desired Skills & Experience

Experienced Information Technology professional with a proven track record of more than 3 years in Application Security.
· Strong technical skills in application architecture, software development, and common software platforms (e.g. browser apps, web services, client-server, mainframe, mobile, etc.)
· Hands-on experience with software security testing and common testing tools like AppScan, WebInspect, Fortify, etc.
· Experience with federated authentication schemes like SAML and/or Single Sign On solutions like SiteMinder.
· Experience in driving process improvement and influencing others towards common goals.
· Strong problem solving and analytical capabilities.
· Solid knowledge of industry best practices and IT Risk Regulatory landscape in Financial Services.
· Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Secure Software Lifecycle Professional (CSSLP) preferred.