Application Security Engineer

Job Order: J0813-0888 - Permanent Full Time
Title: Application Security Engineer
Category: Information Technology
City: Fairfax, Virginia, United States

Job Description: Application Security Engineer

Responsibilities:

- Experience designing and executing web application security evaluations, solo and as part of a team
- Application security testing techniques, using automated tools and manual testing
- Creation of exploit proofs of concept
- Discovery of application security weaknesses, and writing recommendations for preventing or fixing them
- For example, discover and create exploits for XSS, CSRF, Clickjacking, parameter manipulation, and privilege escalation, and advise developers on how to keep them from happening
- OWASP Top Ten Vulnerabilities, and how to fix or prevent them
- BackTrack, Burp Suite, MetaSploit, HP Fortify, BeEF, fuzzers, and related tools and platforms
- Ability to discover and exploit application vulnerabilities

Required

Skills:

- Awareness of security-related best programming practices for J2EE and .NET
Knowledge of secure development principles in at least one environment (ie Java or .NET)
Understanding of risk assessment practices
Participate in security architecture, design, and control implementation
- Knowledge of the SDLC and experience working with development teams
- Understanding of web application technologies and development processes
Up-to-date knowledge of current threats

Desired:
Certifications: GIAC GWAPT is a plus
Code review skills are a plus

-LI-KG1 At CGI, we're a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 69,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us.

This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.

We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.

No unsolicited agency referrals please.

WE ARE AN EQUAL OPPORTUNITY EMPLOYER.

Skills
- Security

Reference: 273871