Sr. Application Security Engineer Jive Software
As a Senior Application Security Engineer at Jive Software, you must have a passion for security and be able to share this passion with the company. Be a core member of senior security team focused on social business web application security. This newly created role represents an opportunity to build an application security program from the ground up and be an industry leader in social business security.
Work with several internal teams to develop an application security roadmap.
Function as a subject matter expert in a wide variety of areas including application security and secure software development.
Threat modeling under the OWASP guidelines
Deliver web application security assessments for Java applications
Assess infrastructure security and build solutions that scale with internal growth and customer growth.
Provide source code security reviews
Train the engineering community in application security
Provide a solid understanding of web services and commonly utilized technologies.
Perform manual pen-testing and work with 3rd party pen-testers
A BS in Computer Science, Computer Engineering and/or Security, Networking or equivalent experience preferred.
Minimum of 5-7 years software development experience using high level programing languages (e.g., Java, C, C++, .NET (C#, VB))
Understanding and familiarity with common code review methods and standards
Experience with code scanning toolsets (e.g. Fortify and Ounce)
Knowledge of OWASP tools and methodologies
Understanding of HTTP and web programming
Knowledge of standard SDLC practices
Minimum of 3 years work experience in application security
Ability to present findings to technical staff and executives
Significant experience in finding web site security issues including: OWASP Top 10, XSS, SQL Injection, CSRF, Buffer Overflows, etc.
Deep knowledge of LINUX technologies such as Apache, MYSQL, Tomcat, Postgres
Strong LINUX / UNIX background with scripting abilities
Strong experience with SIEM systems such as Q1 strongly preferred.
Knowledge of crypto systems such as symmetric crypto, SSL certificates and hashing methods is desirable.
Certifications such as the CISSP, CSSLP, GWAPT, GSSP-JAVA or GWEB appreciated.
||317 SW Alder Street |
Portland, OR 97204