Have you had experience assessing threats and vulnerabilities within applications and network infrastructures? Are you proficient in mentoring developers and/or security engineers? Skilled in utilizing security monitoring tools? We're looking for an expert collaborator with an Agile background to join our team as a Security Engineer IV, where you'll be responsible for application development, coaching and mentoring colleagues on security tools, and preparing and executing security test cases for projects and features driven by the Product Management Council.
In addition to performing application security engineering, you'll be responsible for manual and automated penetration testing of features scheduled for release, and will serve as a subject matter expert on our Secure Software Development Lifecycle. If you're a top-notch communicator who wants to work on pilot programs, gain exposure to different technologies and mentor others within our organization, let's chat!
iCIMS is a high-growth Software-as-a-Service (SaaS) company headquartered in Holmdel, NJ. Voted a Best Place to Work by NJBIZ eight times and #16 on Glassdoor's 2019 Best Places to Work list, we are the industry's #1 recruitment software provider, delivering technology that supports approximately 4,000 contracted customers around the globe. Dedicated to maintaining an inclusive, inspirational and innovative work environment, and committed to our consistent growth, we have a wide range of opportunities for career advancement within our organization. Come grow with us. Apply today!
* Creating an impact at organization level on security standards and best practices
* Collaborate with Architects, Developers and other stakeholders to push security tickets from a secure-code perspective
* Designing application security architecture and developing detailed artifacts on privacy for every feature
* Evaluate new tools in the market and propose them
* Reviews and verifies bug tickets within internal Bug Tracking Tool
* Troubleshoots and helps address Security production tickets when routed to debug.
* Performs penetration and vulnerability assessments against projects/features, as necessary, and follow up to ensure that findings are properly addressed.
* Manages the iCIMS third-party Security Testing for monitoring, creation and validation of security bugs.
* Prepares and delivers documentation and training for enabling "Test Labs" for agile teams
* Responsible for Security Sanity testing using automated and manual tools and assigning bugs to agile teams.
* Educate and coordinate with agile teams and cross-functional departments on Security process, practices and bugs.
* Work with InfoSec team to implement security best practices at organization level
* Consistently ensures that business is conducted with integrity at all times and that behavior aligns with iCIMS' policies, procedures, and core competencies.
* Minimum of 8 years of experience testing web-based products. Must be familiar with the entire Software Development Life Cycle process
* 5+ years of specialized security testing, techniques and tools
* Strong understanding of static and dynamic code analysis methodologies and processes
* Exposed to various automated tools for security, regression and performance testing
* Ability to communicate security issues to peers and management
* Strong analytical and problem-solving skills
* Strong communication & interpersonal skills
* Self-motivated, able to learn and research issues independently
* Experience with vulnerability management and penetration testing tools
* Proficient in a Windows and MS-SQL environment
* Extensive experience in applying risk-based methodologies to information security issues
* Having CISSP certification is a plus
* Experience with vulnerability management tools such as or similar to Nessus, Rapid7, Qualys, Burp Suite, Saint, WhiteHat, etc.
* Ability to leverage frameworks and standards such as SANS, NIST, ISO, and OWASP
* BA/BS in Computer Science or a relevant Engineering degree, or relevant experience
iCIMS is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, protected veteran status, disability status or any other characteristic protected by law.