Security Application Professional

Eurofins Cyber Security North America is looking for a Security Application Professional. This position will be based in Altoona, PA on-site at a client location. The role is intended to be a one-year project that may be extended at that time by Eurofins or the Client.

Information security is ensuring that digital and non-digital information used for various purposes like physical storage, digital storage, and transmission of data through various systems and processes is being secured and protected. The information security application consultant responsibility is to leverage their expertise and knowledge so as to assess and consult internal and external development projects and teams in all matters of information security, secure development, and secure coding techniques.  This includes in consulting how to secure the Confidentiality, Integrity, Availability, and Accountability of information and information processing systems through the entire development lifecycle.

The consultant should be able to explain complex ideas in a concise manner. He/she should have good judgmental and decision making skills. Excellent analytical and interpretation skills would be of great help. Excellent communication skills and good presentation skills would be beneficial.

An information security application consultant is responsible for having specific expertise in security testing, project management, secure development, and relevant frameworks such as OWASP.  Security application management include expertise and understanding in secure coding, application and database security architecture, security testing methodology, security standards, and expertise in development documentation. This individual must have professional understanding of how applications and systems functions which includes how security is implemented, how security is assessed, and the translation of security business requirements into project requirements.

He or she will be working closely with a customer on assigned engagements, stays current on the information security industry (news, tools, techniques, and trends), obtains and retains industry-recognized security certifications and works with other consultants to share knowledge and assist as needed.

Application Security Professional responsibilities also include, but are not limited to, the following:

·Assist customers in security projects development, documentation review, security consulting.

·Assist customers in cybersecurity administrative functions such as documentation maintenance, documentation creation, peer review, and other Cyber Security activities.

·Maintain their certifications and seek opportunities to acquire more training and education to maintain their expertise. 

·Take the lead in assessing new projects and existing infrastructures within the customer’s organization.

·Demonstrate an ownership of projects and tasks couple with a sense of urgency in completing assign activities.

·Strong cross-functional team participant and collaborative approach to problem solving

·Ensure that all the data pertaining to the company and its clients is safeguarded

·Conduct web application and penetration security tests

·Write reports

·Determine security risks and compliance requirements per project as required

·Conduct document reviews and interviews against compliance requirements and best-practices

·Help develop and implement a comprehensive application security program. This program is aligned with Agile Project Management methodology, NIST secure development methodology, OWASP, and other frameworks as required.

·Organized application security workshops for customer in respect to secure coding and secure development. 

·This role is expected to formalize SDLC process with the development team from a security perspective. 

Ideal Candidate would possess:

·Ability to work under pressure and to very short timelines

·Ability to communicate effectively at all levels.

·Ability to work independently as needed yet always thinking as part of a team

·Strong process documentation and reporting capabilities and excellent knowledge of Microsoft Office products, especially Excel and Word

·Ability to travel and relocate to the customer site.

·Excellent communication and presentation skills.

·Self-motivated and self-directed.

·Experience with the OWASP framework

·Offensive Security certification (OSCP) is preferred.   

Basic Minimum Qualifications:

·Bachelor’s Degree in Information Security or a related discipline. This will suffice for two years of information security experience. 

·5 years of experience focused on application security, security testing, and application development.  

·Familiar with Programing languages and other scripting languages.  Java programming experience preferred.

·Competency in the areas of IT general computer controls specifically in information security, tools and utilities.

·Certified Information Systems Auditor (CISA), Certified Information Security Professional (CISSP), or equivalent.

·Authorization to work in the United States indefinitely without restriction or sponsorship

Position is full-time, Monday-Friday with overtime as needed.  This position will be based in Altoona, PA on-site at a client location. The role is intended to be a one-year project that may be extended at that time by Eurofins or the Client.

As a Eurofins employee, you will become part of a company that has received national recognition as a great place to work.  We offer excellent full-time benefits including comprehensive medical coverage, life and disability insurance, 401(k) with company match, paid holidays and vacation, personal days, and dental and vision options.

To learn more about Eurofins, please explore our website www.eurofinsus.com.

Eurofins is a M/F, Disabled, and Veteran Equal Employment Opportunity and Affirmative Action employer.