At Vector Solutions, it is our distinct privilege to serve the everyday heroes who serve others: the engineers who keep our buildings safe, the manufacturers who make the products we use every day, the first responders who protect us, and the educators who take care of our children. Through our award-winning online education, safety compliance, and performance optimization solutions, our mission is to change the world by saving lives, inspiring professionals, and elevating performance.
We believe in fostering a positive workplace culture that attracts talent, drives engagement, increases performance, and invests in employees' happiness and satisfaction.
So, if you're innovative, passionate about what you do, and driven by the need to push boundaries in order to serve the everyday heroes that serve all of us, then search for your forever career with us at Vector Solutions.
Vector Solutions is an Equal Opportunity Employer and does not discriminate against applicants on the basis of race, color, creed, religion, ancestry, age, sex, marital status, national origin, disability or veteran status. diversity of every kind.
Why you will love working at Vector Solutions:
- Friendly, open, and casual work environment (ditch the suit & tie)
- Comprehensive, quality benefits package effective first of the month following your date of hire
- Matching 401(k) retirement plan
- Healthy work-life balance with flexible work arrangements and generous time off
- Educational assistance available for all employees
- Generous referral incentive program
- Company social events
Vector Solutions is seeking an Application Security Engineer with experience in web application penetration testing and in analyzing software designs and implementations from a security perspective, who, through a close partnership with other IT and Product teams, will reduce or eliminate risk to the company and our customers. The Application Security Engineer will have strong leadership skills, a background in product/application security, and a passion for solving problems.
ESSENTIAL FUNCTIONS AND RESPONSIBILITIES
- Provide application security expertise to customer project delivery teams throughout the Software Development Lifecycle (SDLC).
- Review static code analysis findings for exploitability and provide recommendations to developers for remediating findings.
- Perform validation and testing on mobile and web applications to ensure products meet internal requirements and industry standards for software security.
- Provide security and compliance subject matter expertise and consultation to internal Business Units and Customers.
- Maintain, apply, and enhance security architecture, development, testing, operations, and compliance standards throughout the organization.
- Coordinate with the IT, Operations, and Product teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices.
- Perform security/compliance internal audits on new projects.
- Perform risk assessments on vendors, tools, and processes.
- Advise on strategy for new and existing compliance standards for our clients and customers.
- Support and lead internal security operations functions, including security awareness, vulnerability management, and incident response.
- Consult with IT and Delivery teams on forensic analysis of breaches and exploits.
- Provide other security, compliance, and technical tasks as assigned by the Chief Information Security Officer.
- This position does not have any supervisory responsibilities.
- Excellent oral, written, and interpersonal communication skills.
- Collaborator that thrives in a social atmosphere and actively contributes to improving processes, workflows, and communication.
- Lead adoption of best practices in software security across the company.
- Excellent time management, goal setting and prioritization capability.
- Ability to understand, explain, and demonstrate various security vulnerabilities and risks, including XSS, CSRF, Code Injection, MitM, and Brute-force/Dictionary/Rainbow Table attacks.
- Knowledge of stack exploitation in C-based languages.
EDUCATION AND EXPERIENCE
- Bachelor's degree in related field of study.
- 5+ years of experience working in a security role.
- Experience with Mobile (Android and iOS) application architecture.
- Experience explaining technical and security concepts to both technical and non-technical resources in a consultative role.
- Experience delivering security training to security professionals, engineers, and non-engineers.
Relevant industry certifications such as:
- CISSP (Certified Information Systems Security Professional)
- Certified Ethical Hacker (CEH)
- GIAC Penetration Tester (GPEN)
- Offensive Security Certified Professional (OSCP)
- AWS Certified Security - Specialty