We are seeking for talented Application Security Engineers to join the Security team. The ideal candidate will have strong communication skills and a fondness for breaking things, in depth knowledge of OWASP, Decompilers and love everything about mitm attacks.
- Perform blackbox testing on applications.
- Perform code reviews and remediation on security flaws.
- Be a subject matter expert for "Secure Coding Practices"
- Develop automation and processes to identify security flaws in code.
- Participate in architectural and design discussions.
- Track issues and run reports.
- Ops/sys admin experience in an internet operations environment a plus.
- Experience with decompiling Flash components a plus.
- Have experience with packet capturers.
- Have at least five years of experience in a Application Security related field (in example: Code reviews, Application Penetration testing, OWASP/Web testing).
- BA/BS in Computer Science or a related field, or equivalent experience.
- Excellent knowledge in at least two of the following: PHP, Java, Flash, C, Perl.
- Good knowledge of a variety of standard UNIX/Linux services (Apache, MySQL, Nagios) a plus.
- Competency in Shell, PHP, Perl or Python for automation is required.
- Solid understanding of web services architecture and commonly employed technologies.
- A sense of urgency in responding to and resolving critical issues that relate to the performance of the site and/or core infrastructure.
- Excellent verbal and written communication skills.
- Participation in a shifted coverage schedule, including working nights and on-call rotations.