Security engineer - #1337339

12 + months contract role (Hybrid role) for a Security Engineer with one of our clients in Allentown, PA or Louisville, KY or Providence, RI

Job Title: Security Engineer (100% Onsite role)

Candidates in one of the locations below only will be considered

Allentown, PA or Louisville, KY or Providence, RI

Qualifications

Bachelor s degree in computer science, Information Security, or a related field.

Required Experience

A minimum of 10+ years of experience using penetration testing tools like Burp Suite.

Experience in application security tools and IDE Plug-in environments, including HP Fortify.

Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25.

Expertise in system hardening and remediation.

Proficiency in security assessments, penetration testing, and code reviews.

Expertise in threat modeling, risk assessment, and vulnerability management.

Knowledge of federal compliance standards, including NIST 800-53 and NIST CSF.

Strong leadership, communication, and interpersonal skills.

Collaborative and effective in cross-functional team environments.

Strong analytical skills to assess risks and vulnerabilities in complex systems.

Core Responsibilities

Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests.

Define security best practices and standards and ensure Product Development teams understand them and receive pertinent annual secure coding training.

Develop and maintain the application security architecture, ensuring that it aligns with overall security strategy and standards.

Evaluate, implement, and manage security tools and technologies that enhance the security posture of applications.

Conduct risk assessments for applications to identify potential vulnerabilities and threats, develop strategies to mitigate these risks.

Oversee and coordinate security testing activities, including static code analysis, dynamic application security testing, and penetration testing.

Perform system hardening and remediation to effectively guide developers and system administrators in addressing vulnerabilities and implementing security controls.

Perform security assessments, penetration testing, and code reviews to identify potential flaws in codes and mitigate vulnerabilities.

Analyze security needs and software requirements to determine feasibility of design within time and cost constraints and security requirements.

Perform threat modeling, risk assessment, and vulnerability management to identify potential security risks and work with development teams to implement appropriate security controls.

Provide guidance and training to development teams on secure coding practices and promote security awareness across the organization.

If interested in this role, please feel free to call me at 281-702-3852 and apply here or send your resume to *********@prudentconsulting.com.