Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Engineer in Charlotte, NC (Hybrid).
Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around for over 150 years and is continuously innovating in today's digital age.
If you want to work for a company that is not only a household name, but also truly cares about satisfying customers' financial needs and helping people succeed financially, apply today.
Contract Duration : 6 Months
Required Skills & Experience
- 5+ years of Application Security Engineering experience, or equivalent demonstrated through one or a combination of the following : work experience, training, military experience, education.
- 5+ years of experience troubleshooting in complex technical environments.
- 2+ years of experience implementing technical solutions in a large enterprise (150K+ employees)
- 2+ years of experience with scripting tools such as Bash, Python and PowerShell.
- 1+ year of experience writing SQL queries.
- 1+ year of experience building / managing MS SQL and / or Oracle databases, including data feeds and ETL.
- 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following : work or consulting experience, training, military experience, education.
Desired Skills & Experience
- Expert understanding of the most common application security risks (OWASP Top 10, SANS / CWE Top 25)
- Experience in developing applications in Java, .NET (preferred), C#, JavaScript, Python, or other modern OOP languages.
- Experience managing automated application security testing tools, including Static and Dynamic Application Security Testing (SAST / DAST) and Software Composition Analysis (SCA).
- Provide strategic and tactical security guidance for secure application development, including the evaluation and recommendation of technical controls.
- Experience integrating application security tools into the CI / CD pipeline.
- DevSecOps experience.
- Recommended application security certifications (one or more) : OSCP / OSEP / OSWE, CEH / LPT, CPT / CEPT, CASS, CASE, CMWAPT, CRTOP, GIAC GEVA / GPEN / GWAPT / GCPN / GXPN / GMOB / GDAT.
- Experience with integrating application security tools into Enterprise vulnerability management systems (e.g., ServiceNow)
- Thoroughly understand secure application design principals, including the areas of authentication, authorization / least privilege, logging, encryption, data masking, data retention, and secure data transmission.
- Assist in the development and management of security policies, standards, procedures, and guidelines.
- Design, document, plan, coordinate, and implement complex information security solutions.
- Strong technical and business writing skills, plus the ability to effectively explain plans and solutions verbally to both technology and business units.
- Direct or serve as a mentor to less experienced engineering staff.
What You Will Be Doing
Tech Breakdown
- XX% Red Hat Linux
- XX% Windows Server 2010
Daily Responsibilities
- Consult on complex initiatives with broad impact and large-scale planning for Information Security Engineering.
- Review and analyze complex multi-faceted, larger scale or longer-term Information Security Engineering challenges that require in-depth evaluation of multiple factors including intangibles or unprecedented factors.
- Contribute to the resolution of complex and multi-faceted situations requiring solid understanding of the function, policies, procedures, and compliance requirements that meet deliverables.
- Strategically collaborate and consult with client personnel.