Overview
Senior Application Security Engineer Jobs in Virginia at SAIC
Job Description
Description
SAIC is seeking a skilled and motivated Senior Application Security Engineer to strengthen our cybersecurity team and cater to the evolving needs of our federal customer. As a technical expert in mobile application and API security, you will play a crucial role in identifying vulnerabilities within these systems. Your work will contribute to enhancing the overall security posture of our organization. Among other tools, technologies, and techniques you will use in your position, you will do the following:
Mobile Application and API Security Testing: Employ your expertise in mobile application and API security to conduct comprehensive penetration testing exercises. Utilize industry-standard tools and methodologies to identify potential cyber weaknesses in these systems.
Risk Evaluation and Reporting: Utilize a risk-based approach to evaluate the findings from your penetration testing activities. Craft detailed and insightful reports outlining vulnerabilities, potential exploits, and recommended remediation strategies.
Collaboration and Technical Assessment: Collaborate closely with cross-functional teams, including system administrators and Information System Security Officers (ISSOs). Offer technical assessments of mobile applications and APIs across all layers of the technology stack. While deep expertise in all domains is not mandatory, a solid understanding of how different layers interact is crucial.
Engagement with Stakeholders: Engage with system admin teams and ISSOs to discuss your findings and ensure a clear understanding of identified vulnerabilities. Your communication skills will be essential in verifying the adequacy of remediation efforts, supporting system administrators in addressing security weaknesses effectively.
Scenario Design and Testing Strategy: Leverage your knowledge of tactics, techniques, and procedures (TTPs) used by threat actors to design relevant testing scenarios. Your ability to simulate real-world threats will contribute to robust security testing strategies.
Continuous Process Improvement: Actively contribute to the development of standardized operating procedures (SOPs) for mobile application and API penetration testing. Your input will be valuable in refining and enhancing the efficiency of our testing processes.
Knowledge Expansion: Stay up to date with the latest trends and developments in mobile application and API security. Continuously build upon your expertise to adapt to emerging threats and evolving technologies.
Qualifications
Required Qualifications:
Bachelor’s degree in an IT-related field and 5 years of related experience; Additional experience in lieu of BS degree.
Certifications: Possesses at least one professional certification relevant to the technical service provided. Maintain a certification relevant to the product being deployed and/or maintained. Professional certifications must be approved by the FPM or FDPM. Relevant certifications such as Certified Mobile Application Security Tester (CMAST) or similar credentials are a plus.
Mobile Application and API Security Testing Experience: A minimum of 5 years of hands-on experience in conducting mobile application and API security testing including penetration testing is required. Your deep understanding of mobile and API vulnerabilities, exploits, and countermeasures is crucial to the success of this role.
Hardening and Remediation: Demonstrated expertise in system hardening and remedia…
Title: Senior Application Security Engineer
Company: SAIC
Location: Virginia
Category:
