WE WANT YOU.

Learn more about this opportunity.

APPLY NOW    

Principal Application Security Test Engineer

Function: Technology
Location: Westminster CO, Westminster, CO US
Date posted: 4/30/2018 2:35:35 PM
Type: Full-time
Permanent / Contract: Regular
Job number: 1046830
Description
POSITION SUMMARY:
An Application Security Test Engineer has responsibility for (1) assuring that test automation provides continuous monitoring and alerting of modern product security threats and (2) supporting deployed security testing tools. In this role you will partner with IT Product Teams to support them in their vulnerability scanning and provide to them guidance to remediate identified issues.

RESPONSIBILITIES SPECIFIC TO ROLE:
• Deploy and maintain application security tools and services.
• Assist with the evaluation, on-boarding and management of applications and development teams to the security program.
• Enable automated security testing at scale to measure vulnerability density across the organization.
• Manage vulnerability discovery and remediation efforts from sources like static, dynamic, and open-source web application testing technologies and report on their success.
• Collaborate with internal partners to address security issues.
• Work closely with development teams to assist with the remediation process.
• Support product teams to meet regular scanning requirements for application security and for assessing PCI compliance.
• Assist and enable Product Security management in the creation of analytical information outputs on the general and specific risk profiles of Staples’ applications.


Qualifications

KNOWLEDGE/SKILL REQUIREMENT:

• Bachelor's Degree or related equivalent work experience
• 5-8 years of web or mobile software development experience (Java, C#, etc.)
• Familiarity with application security concerns and secure coding practices.
• Experience working with Agile development methodologies.
• Superb analytic and problem-solving skills.
• Strong written and oral skills.
• A willingness to learn and grow your knowledge in the field of application/information security.


PREFERRED SKILLS:
• Hands-on application security assessment experience using industry standard DAST/SAST tools (IBM AppScan, Checkmarx, Veracode, Fortify, Rapid 7)

Experience with web technologies such as: Angular, node.js, C#, Azure. Use of mobile technologies: Android and iOS development

 Industry training in web application defense or similar. Certification would be an asset.

• Knowledge of OWASP, SANS or other security-related standards.
• Experience with automated security scanning and CICD pipeline integration a plus.

 

Staples is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.


Staples
APPLY NOW    

There's more to explore