Application Security Specialist Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the application security specialist job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Katherine Lakin
9094 Rodger Canyon, Dallas, TX
Phone: +1 (555) 935 4136

Experience

Application Security Specialist, Schneider-Kautzer, Boston, MA
  • Being a strategic visionary for the technological improvement of the services which he or she is managing or assisting
  • Provide NAB’s development teams with code level security testing and analysis services
  • To develop and manage processes & scripting in an effort to build an effective and efficient operation
  • Manage evaluations of major information networks, systems and applications
  • Performing the review of application and infrastructure mitigation controls and providing the relevant decision
  • Work collaboratively with development teams to proactively build security within their software delivery pipeline
  • Develop security standards and guidelines for applications developed at Barclays
Application Security Specialist Associate, Goodwin-Ondricka, San Francisco, CA
  • Create a software source code review process that is a part of the development cycles (SDLC, Agile, CI/CD)
  • Create proof-of-concept to validate the fixes or educate the developers on how certain vulnerabilities can be exploited
  • Engage with development teams and/or senior management across various teams to influence efficient and effective fixes for application vulnerabilities
  • Present a quarterly state of source code security to the CISO and a bi-annual educational session of commonly seen vulnerabilities for the development teams
  • Create static code analysis tools where automated tools cannot
  • Familiar with tools such as Bugzilla, JIRA, issue trackers, GitHub, SVN, IDEs such as Eclipse/IntelliJ and build tools such as Ant, etc
  • 5+ years of security, in an Application Risk Analysis role
Senior Application Security Specialist, Hartmann-Kessler, Chicago, IL (present)
  • Develop a reporting framework to communicate key data points vertically and horizontally
  • Provide expert advice to project teams in application security (including risks associated with the use of Open Source Software components) so as to reduce the number of vulnerabilities detected in independent security assessment
  • Develop security improvements for Coca-Cola’s web, mobile, and backend services
  • Evangelism of secure software development practices with application and information security teams
  • Assessment and improvement of SSDLC processes and systems
  • Participate in security incident response process and red team exercise
  • Consult with Security and Product teams on the secure design of new applications and infrastructure
Education

Bachelor’s Degree in Computer Science, The George Washington University

Skills
  • Delivery focused and capable of meeting demanding deliverables
  • Strong security consulting experience
  • Highly developed communication skills, both verbal and written
  • Good management experience
  • Good development experience in a major platform such as JEE or .Net
  • Able to balance priorities amongst several tasks
  • Ability to manage and lead initiatives to improve the Information Security environment
  • Thorough understanding of industry and corporate technology standards for Information Security; Strong judgment and decision-making skills
  • Ability to understand, analyze and apply corporate policy/guidelines and business/technology specific policies
  • Ability to analyze Information Security Procedures and help implement the same across all of IT and Business

12 Application Security Specialist resume templates

1

Application Security Specialist Resume Examples & Samples

  • Work with application groups and L3 Engineering teams to tune and apply WAF Policies ensuring maximum availability of applications while providing coverage for security threats
  • Engage with application groups to on-board applications onto Content Delivery Network (CDN)
  • Configuring / maintaining / troubleshooting WAF rules and application properties leveraging the CDN
  • Creating, documenting and updating processes to improve efficiency
  • Level 2 problem resolution
  • To develop and manage processes & scripting in an effort to build an effective and efficient operation
  • Pro-active monitoring to ensure stability of infrastructure
  • Meet RBC Audit security standards applicable to the technology platform
  • Documentation of network diagrams, operating manuals, security control documents, processes, problem resolution procedures
  • Ability to be on-call and work odd hours if necessary
2

Senior Application Security Specialist Resume Examples & Samples

  • Evaluates, codes and implements software fixes (patches) to address complex system vulnerabilities such as malicious code (e.g. viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning, and Web services manipulation
  • Tracks security issues and provides support to development team for issue remediation efforts
  • Experience conducting manual penetration testing and code review as well as using dynamic and static application scanning tools
  • Experience and understanding of the OWASP TOP 10 security risks
  • Education Required: Degree qualified in Computer Science, Information Systems or other related discipline, or equivalent work experience
  • Experience Required: 8 to 10 years
  • Special Qualifications: Has completed one of the following Certifications and/or Professionalization status: GSSP-JAVA: GIAC Secure Software Programmer-Java, GWEB: GIAC Certified Web Application Defender, GSSP-.NET: GIAC Secure Software Programmer- .NET, GPEN: GIAC Penetration Tester, GWAPT: GIAC Web Application Penetration Tester
  • Strong web application penetration testing experience
  • Experience in vulnerability identification and remediation including source code review mitigation
  • Knowledge of the software development lifecycle in large enterprise environments
  • Programming background (C++, ASP, .Net, Java, PHP)
  • Web Servers experience: IIS, Apache, Sun Java System
  • Middleware software experience: Oracle's WebLogic, IBM's WebSphere, Apache Tomcat
  • Database software experience: Oracle, MS SQL, MySQL, Postgres
  • Understanding of best-practice methodologies, OWASP
  • Excellent communication & language skills in written and spoken English
  • To suit this position you have excellent interpersonal and team working skills. You will work in a high pressure, real time operating environment and need to have strong communication skills. The successful candidate is analytical, highly driven, proactive and used to taking responsibility
3

Mobile Application Security Specialist Resume Examples & Samples

  • Security assessments of mobile applications such as secure code reviews, application penetration testing and threat modeling/architectural risk analysis
  • Coordination with business and technology to provide technical risk analysis, threat identification and countermeasure recommendations to balance the level of risk with business requirements to provide optimal solution
  • BS degree in Information Security/ Computer Science/Electronics and Engineering /Information Technology
  • Knowledge of transactional based financial networks and their specifications
  • Knowledge of mobile application development for both iOS and Android platforms
4

Senior Application Security Specialist Resume Examples & Samples

  • Provide subject matter expertise on application security throughout the Company. Understand company security policies and privacy laws, regulations, and risks. In addition
  • Build strong working relationships within IT, project managers, business resources, and third-party developers and agencies to create a partnership outside of Information Risk Management
  • Clearly articulate risks to IT and business employees throughout the world, as well as third-party development agencies. Explain concepts in terms and methods that non-security and non-IT partners easily understand
  • Learn Company brands, marketing practices, and consumer interactions to partner with business leaders
  • Work with global Information Risk Management leaders to build and strengthen partnerships in application security in varying cultures and threat landscapes
  • Appropriately document application security processes and procedures for internal team reference and for Company-wide use as application owners and developers engage team for security assessments
  • Monitor internal chargeback process to ensure projects and internal teams are charged appropriately for assessment costs
  • Assist in designing key systems and applications within the Company at various phases in development lifecycle to reduce risks faced within an application or business process
  • Track status of vulnerabilities the security assessment team finds. Communicate regularly with affected application owners, and continually drive a reduction of risk to the Company
  • Conduct maintenance and lifecycle work on applications used and owned by application security team
  • Assist in reviewing logs and application code to determine, when reasonably possible, the presence and source of security or privacy compromise or breach in an application
  • Review third-party security assessments to determine effectiveness and thoroughness of the work
  • Assist in contract language changes and negotiations involving application security
  • Effectively lead a team of employees and contractors. Handle day-to-day people manager responsibilities, as well as performance management and development of employees. Be able to effectively lead a local and international team. Be able to travel internationally to meet face-to-face with international team on a yearly basis
  • This position requires an ability to partner with many diverse business entities around the globe. This position will serve as an internal/external consultant. Strong verbal, presentation, and written skills are essential. This individual will participate in internal and external events where information security practises are discussed
  • Utilize strong understanding of applications to discover and document security flaws within an application, such as but not limited to SQL Injection, Cross-Site Scripting, TLS configuration issues, authentication flaws, denial-of-service flaws, code execution vulnerabilities, and file access issues. Similarly, discover privacy law or policy violations, as well as Company policy violations, within applications. Be able to adequately lead a team in these requirements, relying on the team’s strengths and focusing on managing the team and communicating with outside groups about assessments, vulnerabilities, and security and privacy risks
  • 4+ years of combined information security experience
  • Strong knowledge and experience in networking technologies and protocols, including Ethernet, TCP/IP, and IP routing
  • Strong knowledge and experience in authentication, server-to-server communication, APIs, cryptography, and other related web/mobile technologies
  • Strong knowledge of security practices and standards, such as OWASP
  • 8 or more years of experience in a technical information security role
  • Ability to work independently and productively under pressure
  • Proficiency in C++/C#/.NET, Java, or PHP preferred
5

Principal Application Security Specialist Resume Examples & Samples

  • Worked in a high performance application security and/or penetration testing team
  • Experience in application penetration testing
  • Development experience in one or more languages C#, Java, etc
  • The ability to articulate vulnerabilities to development team
  • Experience in threat modelling and/or architectural analysis
  • The ability to articulate mitigation and development techniques
  • An appreciation for innovative technologies
6

Senior Application Security Specialist Resume Examples & Samples

  • Identify application security vulnerabilities through a combination of security assessment techniques
  • Develop security standards and guidelines for applications developed at Barclays
  • Support application security assessment coverage across Barclays
  • Work with global team and external entities to deliver Application Security services
  • Analyse and review security issues identified for confirmation and false positive removal
  • Supplement automated assessment techniques with manual security assessment approaches
  • Communicate security issues identified and mitigation/remediation options to development community
  • Generation of reports and follow up on issues until closure
  • Develop and deploy tools, techniques and capabilities to enhance ability to deploy, scan and assess the global estate
  • Develop automation scripts to enhance and automate the process
  • Technical competency to conduct a web application assessment
  • Working knowledge of related technology from IBM, HP etc is desired
  • Technical competency to conduct source code assessments
  • Application security assessment techniques and their relative merits, including: SAST, DAST and manual assessment
  • Understanding of Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers
  • Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
  • Knowledge of multiple programming languages: Java (J2EE/Android), C#.NET, C/C++/JNI, Objective C
  • Experience working with web and mobile development projects as a developer or security subject matter expert
  • Familiarity with web application multi-tier architectures and operation (session management etc)
7

Application Security Specialist Resume Examples & Samples

  • Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security
  • Ensure end-to-end security of Visa products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
  • Integrate threat modeling practices into the Software Development Lifecycle
  • Build strong cross-organizational relationships and effectively influence staff across the IT organization and broader enterprise
  • Collaborate with product and solution teams to achieve Global Information Security software security program objectives
  • Help to define a simplified security metrics approach that enables executive leaders, line leaders, and operational staff to quickly take action on application security related risks
  • Manage cross-functional internal and external team collaboration, evangelization, and communications
  • Represent Visa in the software security community globally
  • Experience and ability to perform architectural risk assessment (ARA) at all phases of SDLC, as and when required
  • Expertise in performing top-down risk analysis and threat modeling of web applications and frameworks
  • Operational knowledge of secure software development life cycle principles from training and requirements gathering to post-implementation operations support
  • Well versed (experience preferred) with driving and implementing secure development practices into the SDLC (SSDLC); ability to successfully integrate security into a developer's world
  • Success in implementing effective Secure SDLC frameworks across a large corporation
  • Platforms, SDKs and interaction with application layer preferred
  • Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies
8

Senior Application Security Specialist Resume Examples & Samples

  • Verification of security controls
  • Essential: Application security assessment techniques and their relative merits, including: SAST, DAST and manual assessment
  • Essential: Have Application Security vulnerability knowledge including OWASP, SANS Top 25, etc
  • Essential: Understanding of Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers
  • Essential: Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
  • Essential: Awareness of emerging Application Security technologies
  • Essential: Knowledge of multiple programming languages: Java (J2EE/Android), C#.NET, C/C++/JNI, Objective C
  • Essential: Experience working with web and mobile development projects as a developer or security subject matter expert
  • Essential: Knowledge of Secure Development Lifecycle methodologies, development platforms (Java and .NET etc)
  • Essential: Wider SDL activities such as threat modelling and design review
  • Essential: Familiarity with web application multi-tier architectures and operation (session management etc)
  • Working knowledge of cryptographic concepts and familiarity with best practice application within a development environment
  • Desirable: Ability to demonstrate knowledge and enthusiasm for low-level technical topics including native development (any platform)
  • Desirable: Knowledge of middleware platforms (e.g. Websphere)
  • Desirable: Knowledge of compilers, build processes, executable file formats and OS/VM execution environments (ARM/x86, iOS, Android, Windows, *NIX, JVM, CLR etc)
  • Desirable: Experience of languages inherent to modern, mobile development: Java+JNI, Objective C, Swift etc
  • Desirable: Familiarity with process of reverse engineering and associated low-level technologies such as assembly and tools (IDA etc)
  • Desirable: Familiarity with the concept of mobile code hardening, i.e. controls and techniques for the goals of anti-tampering, obfuscation and environment monitoring etc
9

Application Security Specialist Resume Examples & Samples

  • Bachelor of Computer Science or similar
  • 3 or more years of experience in applying Information Security best practices to Information Technology assets
  • Ability to work well inside and outside the team. Exchanging ideas, knowledge, experience and thoughts can boost the quality and the efficiency of the solution, so great testers must always be eager to coordinate well with their team members and other teams as well
10

Application Security Specialist Resume Examples & Samples

  • Work with topics related to Cyber Security in support of a U.S. Marine Corps customer
  • Complete Application Security Development (ASD) assessments both as a regular part of product lifecycles, and on demand in support of Certification and Accreditation (C&A) events
  • Have intermediate software development experience in one or more object oriented programming languages
  • Have a basic understanding of common software vulnerabilities / application security concepts (e.g. OWASP Top 10, U.S. CERT Secure Coding Standard)
  • Meet DoD 8570.1-M at the minimum level of IAT II within six months of employment through the following certification requirements
  • Experience with DoD or Federal compliance testing methodologies (e.g. Common Vulnerability Scoring System, NIST Risk Management Framework)
  • Experience with reviewing, understanding and assessing DoD Cybersecurity requirements related to software security (e.g. DISA ASD STIG, DoD Directive 8500.01E, NIST Special Publication 800-53)
  • Basic familiarity with various Operating system, Database, Application Servers and common threat mitigation technologies (e.g. ASLR, EMET, Application Firewalls)
  • Experience with DIACAP, DoD RMF or Federal Certification and Accreditation Processes for IT systems
  • Computer Security
  • Programming
  • IT Infrastructure
  • System Analysis and Design
11

Application Security Specialist Resume Examples & Samples

  • Determine enterprise information assurance and security standards
  • Manage evaluations of major information networks, systems and applications
  • Develop and implement information assurance/security standards and procedures
  • Develop and manage security requirements traceability matrices
  • Conduct security tests and evaluations
  • Conduct product trade-off analyses to determine optimal security solution
  • Develop technical documents, briefings and presentations
  • Recommend information assurance/security solutions
  • Establish and satisfy information assurance and security requirements based on analysis of user, policy, regulatory and resource demands
  • Support customers at the highest levels to develop and implement doctrine and policy
  • Apply know-how to government and commercial common user systems and special purpose systems
  • Analyze and define security requirements for computer systems which include mainframes, workstations, personal computers, and virtual environments
  • Design, develop, engineer, and implement solutions to meet security requirements
  • Integrate and implement computer security solutions
  • Analyze general information assurance-related technical problems and provide basic engineering and technical support to resolve issues
  • Perform vulnerability and risk analysis of computer systems and applications during all phases of the system development lifecycle
  • DoD Secret level clearance
  • Ability to obtain a TS/SCI clearance/access
  • Experience with MS Office products, including Word, Excel, PowerPoint, Outlook, Visio
  • Understand system/software/security engineering lifecycle and project management
  • Understand security architecture development
  • Experience with enterprise level CNA/CND/CNE/CNO analysis and operations
  • Experience with security requirements development
  • Experience with the following processes, at a minimum
  • DIACAP
  • DIARMF
  • NIST RMF
  • TS/SCI clearance/access
12

Application Security Specialist Resume Examples & Samples

  • Bachelor or Master Degree in Information Security or equivalent
  • Previous experience as a programmer/developer of web applications
  • Experience gathering and reviewing application security requirements and working with development teams to provide Information security requirements advice and counsel, ensuring alignment to IS processes and solutions – must have
  • Experience reviewing security design / architecture for security controls – must have
  • Strong secure coding practices, and static code analysis tools (Fortify)
  • Secure Coding
  • Reviewing application security design / architecture for security controls throughout the lifecycle of an application (web, mobile)
  • Agile methodology
  • Threat modelling
13

Application Security Specialist Resume Examples & Samples

  • Interprets and translates the information security requirements of the business IS program into technical requirements
  • Monitors changes in the risk profile of the highly critical systems their group produces or manages
  • Provides ad-hoc security advice
  • Assists Security Incident Response Teams in the investigation of incidents
  • Assists the system development and infrastructure units in identifying IS risks and the appropriate controls for development, day-to-day operation, and remediation of non-compliance
  • Ensures Compliance with IS programs
  • Ability to analyze Information Security Procedures and help implement the same across all of IT and Business
  • Ability to understand, analyze and apply corporate policy/guidelines and business/technology specific policies
  • Thorough understanding of industry and corporate technology standards for Information Security; Strong judgment and decision-making skills
  • Ability to manage and lead initiatives to improve the Information Security environment
  • This position will require the individual to prepare and present strategies, recommendations, lead IS related projects and value propositions to senior leadership teams
  • 5 to 7 years in Information Technology and/or Information Security as Security Architect or Application Architect with Security knowledge and skill
  • The ability to work in an environment that requires a high level of detail
  • The desire to be fully accountable for the success of an initiative
  • 5+ years experience with application development
  • BS degree in Information Security/Computer Science/Electronics and Engineering /Information Technology
  • Must be able to understand detailed technical procedures, projects, SDLC and technical corporate policies
  • Self-motivated with the ability to work independently and as a team member with minimal direction
  • Certified Information Systems Security Professional (CISSP) certification is highly desired
14

Application Security Specialist Resume Examples & Samples

  • Passion for identifying application security weaknesses
  • Perform complex security related testing, creating test cases, performing manual and automated tests (dynamic and static), report on problems encountered and documenting test results for follow-up
  • Select, implement, and maintain application security testing tools
  • Perform manual testing to confirm the validity, risk, and impact of identified vulnerabilities
  • Develop solutions to remediate findings from application security testing
  • Manage the lifecycle of vulnerabilities, from identification to remediation and reporting
  • Bachelor’s degree in Information Systems or related field with adequate experience in the field of information security is acceptable
  • 4-5 years hands-on experience in either: application security, penetration testing, or vulnerability management
  • Programming experience in Java, .NET, PHP
  • Hands-on web application security knowledge
  • Experience with white-box or gray-box testing
  • Experience with application security source code reviews
  • Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle etc.)
  • Demonstrated sound written and verbal communication skills
  • Extensive ability to transform technical concepts into usable documented material for non-technical users
  • Work on multiple projects simultaneously, set priorities and meet deadlines
  • Work independently and manage workload with organization to meet expectations and objectives
  • Absorb, retain and organize information gathered from multiple sources and in a variety of formats
  • Master’s degree in a relevant field
  • Experience developing exploits
  • Obtained certifications in one or more of the following preferred
15

IoT Application Security Specialist Resume Examples & Samples

  • Working closely with development and operations teams to build security in to applications and support processes
  • Provide assurance in the application lifecycle including design reviews, supporting automated code scanning, performing targeted application vulnerability assessments, and ethical hacking across systems
  • Drive continuous improvement in application security and champion changes to the organisation to be able to respond to new threats
  • Ensuring teams have what they need to deliver secure code and applications including the skills, tools and training
  • Defining cybersecurity best practices, processes, and workflows
  • Work to design and implement security controls into our software products
  • Support changes and improvements through working with the wider dev teams
  • Experience in delivering security automation through delivering “Security as Code”
  • Experience of orchestrating Penetration Testing, Vulnerability Assessments and Risk Assessments using best practice risk management methodologies
  • Strong experience with securing Enterprise environments across multiple geographic regions
  • Strong conceptual thinking and communication skills
  • Good understanding of technology and process optimization techniques e.g. standardisation, consolidation, simplification and automation and an appetite for continuous improvement
  • Web & Mobile security
  • Low level security (C / C++)
  • Highly scalable, automated environments
  • DDoS mitigation techniques
  • Application code Analysis
  • Access token management
  • API Security
  • IoT
  • Container-based virtualisation
  • Node JS
  • AWS
  • Proven track record in Application Security, including design and implementation
  • Experience in supporting the design, development and release lifecycle of a bespoke, proprietary developed solution and the challenges this presents
  • Experience in compliance protocols such as PCI-DSS
  • Knowledge of risk analysis and methods
  • Understanding of multiple development processes and practices such as Agile/Scrum, etc
  • A bachelor's or master's degree in computer science, information security or other related field; or equivalent work experience
  • Professional application security certification, such as a Certified Application Security Specialist (CASS), Certified Application Security Tester (CAST) or other similar credentials, is desired
16

Senior Application Security Specialist Resume Examples & Samples

  • Perform hands-on application security pen testing using security tools (both commercial and open source) to ensure existing and new services and applications are implemented with appropriate controls to meet Coca-Cola’s risk mitigation objectives
  • As application security subject matter expert, consult with development team on secure architecture and coding best practices, and on vulnerability remediation strategies
  • Research and recommend emerging security technologies/tools to address current and future threats in application security realm
  • Participate in security incident response process and red team exercise
  • Develop security improvements for Coca-Cola’s web, mobile, and backend services
  • Create and maintain documentation as it relates to security designs/configuration, processes, and requirement
  • Develop a reporting framework to communicate key data points vertically and horizontally
  • Proven experience with web and mobile pen testing, and vulnerability assessment
  • Proven experience with OWASP security concepts and discovering vulnerabilities such as XSS, XSRF, SQL Injection, Cookie Manipulation, etc
  • Ability to run static and dynamic application security assessment tools and to interpret the result
  • Knowledge of encryption standards and protocols as well as previous experience with authentication methodologies and protocols
  • CISSP, CISM, CISA, GIAC certifications desired
  • Programming experience in Java, PHP, C#, Ruby, Python, etc
  • Binary reverse engineering, particularly for mobile platform technology stacks
  • 3-5 years of hands on experience in two or more of the following: application security, network security, or platform/OS security in engineering, architecture or consulting capacity
  • 1-3 years of penetration testing or ethical hacking either for a consultancy or a large enterprise
  • Expert in Application Security and industry standards like BSIMM
  • In-depth knowledge of web application security and industry best practices (e.g., OWASP, WASC, etc.), as well as SDLC
  • Working knowledge of web application firewalls and vulnerability assessment technologies
17

Web Application Security Specialist Resume Examples & Samples

  • Lead point of contact representing Digital Operations for implementation and monitoring of customer authentication for My Verizon
  • Represent Digital Operations in application security meetings with all stakeholders including the Executive level
  • Partner with I.T. to implement security requirements as identified in Security Policy CPI 810
  • Act as a customer advocate by providing a good user experience in the Registration, Login and Forgot flows for customer facing applications
  • Subject Matter Expert in application security best practices and new security technologies such as biometrics
  • Represent Digital Operations during testing of new security technologies
  • Report any security issues or CPNI Compliance Issues to management, I.T. security and Legal and coordinate appropriate resolutions
18

Application Security Specialist Associate Resume Examples & Samples

  • Educate the developers on the vulnerabilities that are found and translate the vulnerabilities into business risks
  • Validate if the issues are fixed and work with the developers to suggest good ways to fix issues
  • Present a quarterly state of source code security to the CISO and a bi-annual educational session of commonly seen vulnerabilities for the development teams
  • Create proof-of-concept to validate the fixes or educate the developers on how certain vulnerabilities can be exploited
  • Be able to understand and assess application risks and mitigation methods or compensating controls
  • Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly-effective in the role. These skills and competencies include
  • Network and application Penetration Testing experience
  • Understand essentials of cryptography, operating systems, network security, application security such as understanding of gcc, Java, Perl and Python
  • Proficiency in English for written and verbal communication
  • Familiarity with tools such as Veracode, Fortify, Contrast, CheckMarx, Coverity, FindBugs, etc
  • Ability to multitask and be able to juggle different tasks with ease
  • BS/MS in Business, Computer Science, Information Security, or a related field
  • 5+ years of work experience as source code reviewer or code analyzer
  • 5+ years of security, in an Application Risk Analysis role
19

Application Security Specialist Resume Examples & Samples

  • Experience in HP Fortify and IBM AppScan
  • Experience using build tools (e.g. ant, make, maven, msbuild, nant, Docker, GitHub, etc.)
  • Experience in the enterprise security or application security
  • Experience in IT operations (e.g., incident handling, NOC, SOC, etc.)
  • Programming experience, especially with Java
  • Application security experience
  • Experience with large IT systems
20

Application Security Specialist Resume Examples & Samples

  • Coordinating and running targeted pen tests. Identifying, prioritising and documenting remediation options for infrastructure and application vulnerabilities
  • Engaging with stakeholders and service owners within TalkTalk
  • Support business projects in the form of offering a leading security testing service, including detailed scoping, reporting and testing activities
  • Code reviews, code profiling, load and scalability testing for applications, infrastructure and cloud
  • Understands technical details of pentesting, such as buffer overflows, XSS, SQL Injection, etc. and the full OWASP Top 10
  • Assist in compliance projects and help embed security standards
  • Maintain and develop pen testing tooling
  • Maintain up-to-date knowledge on industry trends and best practices
  • Ability to work on your own and to deadlines
21

Senior Application Security Specialist Resume Examples & Samples

  • Support the ITSS Security Test Lead in driving the transformation of application security (SCA, SAST & DAST) across the bank to achieve the desired business outcomes
  • Lead the implementation and technical support of SAST & DAST tools (such as HP Fortify) & SCA tools (such as Black Duck, SonaType etc.)
  • Lead the on-boarding of application teams to the SCA, SAST and DAST platforms
  • Provide expert advice to project teams in application security (including risks associated with the use of Open Source Software components) so as to reduce the number of vulnerabilities detected in independent security assessment
22

Application Security Specialist Resume Examples & Samples

  • Provide consultation to NAB’s development teams to assist in the understanding of Application Security and its importance across Software Delivery
  • Provide NAB’s development teams with code level security testing and analysis services
  • Influence project outcomes by identifying, communicating and demonstrating security vulnerabilities to development teams
  • Uplift the security and risk posture of the organisation by communicating security weaknesses and secure coding practices to stakeholders and teams
  • Uplift the security testing capability through the creation and management of automated testing tools
  • Develop and maintain procedures to efficiently deliver Application Security testing services
  • Use excellent analytical and problem solving skills to analyse application structure and source code to identify vulnerabilities
  • Proven experience in a consulting environment (internal or external)
  • Financial Services experience
23

Application Security Specialist Resume Examples & Samples

  • Managing and leading the day to day activities of Application Security Consulting and Patch and Vulnerability Governance service
  • Being a strategic visionary for the technological improvement of the services which he or she is managing or assisting
  • Providing technical help and support to the application code scanning service, of which application security consulting is also a part
  • Providing coaching and mentoring for the Security Consultants and Service Managers who are part of the application code scan, consulting and patch and vulnerability governance services
  • Performing the review of application and infrastructure mitigation controls and providing the relevant decision
  • Performing the review and feedback on any deliverables prepared by the team
  • Providing application security training for the development team
  • Providing application security consulting for any application security projects which are part of the program
  • Extensive, overall technology experience
  • Strong security consulting experience
  • Good development experience in a major platform such as JEE or .Net
  • Good management experience
  • A background in the Financial Services industry (beneficial)
  • One or more of CISSP, CSSLP, CISM or any development / programming language based certifications (beneficial)
  • A self-starter requiring minimal supervision
  • Able to balance priorities amongst several tasks
  • Has experience in working in geographically dispersed teams
24

Software Development Application Security Specialist Resume Examples & Samples

  • Performs software security source code reviews
  • Participates in software testing including fuzzing, input and output validation
  • Guides and trains developers on application security issues
  • Performs and maintains Threat Modeling exercises for our applications
  • Maintains all OLS Web Application Firewalls including testing, creation, tuning of policies, certificate management and ciphers. Updates firmware on all WAFs as needed throughout test, QA, and production lifecycles
  • Participates in vBSIMM assessments and provides recommendations for process improvements
  • Review static and dynamic scan results of developed application software and provide guidance to developers on flaw remediation
  • Performs application layer penetration testing and internal application security assessments
  • Assists with IT Security operations including Web Application Firewall log reviews, system monitoring, change control processes and documentation review
  • Offers technical information security support to staff responsible for development of OLS software including SSL negotiations, using secure cipher suites, and protocols
  • Assist with PCI, HIPAA, SOC2 and other annual assessments and audits including evidence collection
  • 5 years of Security Software Development experience
  • Bachelor's degree in Computer Science
  • Knowledge of secure Java coding concepts
  • In-depth knowledge of HTTP protocol, payloads and Web Application Firewalls, e.g. F5 ASM WAFs
  • Working knowledge of OWASP Top 10 concepts within a development environment
  • Experience with static and dynamic code scanning software such as Veracode
  • Experience with BurpSuite, ZedProxy or equivalent toolsets
  • Microsoft Office tools to include Word, Excel, PowerPoint
  • IT Security and/or development experience in a PCI-DSS environment is beneficial
  • Experience with the Payments industry is beneficial but not required
  • Professional IT Security designation, such as CISSP, Security+, SANS GWAPT, GWEB or GSSP-JAVA is beneficial