Contract Senior Security Engineer

Company Name:
Path Technologies
Path Technologies is looking to add Senior Security Engineer to work at our client site in Owings Mills, Maryland. The Senior Security Engineer will be responsible for Application Security (code-level problems with application themselves, ala OWASP and others) and should have a combination of both application security and application development experience. The primary function of this position is to scan/test/analyze exiting legacy cod, investigate and triage the findings and work with the development team to determine how issues can be successfully remediated. This is largely focused on Java Enterprise Edition (JEE/J2EE) code.

Main Responsibilities:
Application security (vulnerability discovery, secure coding, vulnerability remediation)
Static and dynamic security testing (Fortify, ZAP, Burp Suite)
Security test applications using appropriate static and dynamic tools.
Review and assess security defects, triage to determine false-positives and to determine severity in the context of the defect and application architecture.
Identify remediation appropriate to the situation that will remediate the defect without affecting the functionality.
Work with the development team to scope, identify, refine and implement remediation.
Work directly with developers, architects and business users to scope, identify, refine and implement remediation.
Interpret technical findings and recommendations and interface with others to convey and arrive at a mutually agreeable solution.
Java Enterprise Edition (JEE/J2EE) coding experience necessary.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.