Back to Vacancy Listing

Senior Application Security Engineer

Application Security Engineer

Location : Jersey City, NJ USA
Contract : Contract
Contact : resourcing@xceedgroup.com

Posted : 10 May 2017
Ref : XCREQ-2711

Job Description

Senior Application Security Engineer

Responsibilities

  • Exploiting various known vulnerabilities (published CVEs)
  • Lateral network movement (Active Directory environment)
  • Breaking and subsequently fixing a vulnerable web app
  • Dumping and cracking hashes, pass-the-hash attacks
  • Windows authentication protocols (Kerberos, NTLM..), the differences between them, methods to exploit them
  • Strong communication skills are a must. Must have an approachable personality and the ability to clearly communicate and educate others regarding the information security risks and best practices.

Key Competencies

  • 5-7 years of Information Security Related Experience
  • Experience in Software Development is a bonus
  • Thorough understanding of Active Directory security
  • Thorough understanding of the Software Development Lifecycle
  • Highly technical and comfortable with writing PowerShell, and Python scripts as well as .NET
  • Comfortable with understanding and advising security implementations for Windows Server 2012 and Linux Systems
  • Deep understanding for .NET software architecture
  • Thorough understanding for concepts, and software such as: WAF, Firewalls, Burpsuite, Kali Linux, TLS, SSL, PKI, RSA, Encryption, Hashing etc
  • The candidate must be comfortable with blue and red teaming. They will be asked to demonstrate their skills in an in-person, on-site assessment

Company Overview

Xceed Group is a global IT professional services consultancy operating with a range of FTSE 100 and Fortune 500 clients within various markets from Financial Services, Telco, Media and Energy. Through the experience and expertise of its high calibre personnel, Xceed offers the right level of support or the right solution to ensure clients meet their required goals. Xceed Group is especially experienced in implementing and delivering change, Business Transformations and Migration programmes, whether the change is driven by merger, acquisition, divestment or a need to drive out efficiencies and improve services.