WashingtonRecruiter Since 2001
the smart solution for Washington DC jobs

Senior Java Security Engineer (Job #6259)

Location: Washington
Posted on: May 13, 2024

Job Description:

Work with product teams and product owners to understand and formulate security requirements for large internet-facing, enterprise software applications.


• Serve as SME on application security and collaborate with software development teams to provide technical guidance to implement appropriate security solutions, mechanisms and/or controls that address business requirements.


• Consult on technical security issues/incidents as needed.


• Initiate and conduct manual/automated code reviews (via risk assessments)


• Act as a liaison between software engineers and Information System Security Office (ISSO)


• Conduct and coordinate vulnerability assessments and code-reviews of software application under development


• Conduct risk assessment planning sessions and results read-outs


• Experience writing automated unit tests.


• Experience in performing code reviews.


• Participate in Agile SCRUM activities such as daily standup, sprint planning and retrospective meetings


• Monitor the marketplace for application security related tools, conduct tool analysis and provide recommendations.



Requirements


Must have:


• 7+ years of Java/Enterprise Java development experience


• Expertise with application server technologies, Spring Framework, Spring Security, Web Services (JAX-RS/JAX-WS), REST and Hibernate


• In-depth knowledge of and experience with Java security technologies, Single-sign-on and identity management technologies


• Expertise with web system security concepts, including multi-factor authentication , authorization (RBAC), encryption/hashing, SAML (mandatory), LDAP


• Knowledge of cross-site scripting (XSS), session hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors


Desirable:


• Knowledge of TCP/IP, HTTP/S and related protocols


• Knowledge of network-based, system-level and application layer attacks and mitigation methods


• Experience with static code analysis tools including HP Fortify, FindBugs, PMD


• Knowledge of and experience with agile software development methodologies


• BS in Computer Science or related field

Keywords: , Washington DC , Senior Java Security Engineer (Job #6259), IT / Software / Systems , Washington, DC

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account