*Position: **Information Security Engineer* *Location: **Charlotte NC* *.Duration: 12+ Month On-Site contract plus extension* *Interview mode: Phone** than Skype*
*.Job Description:*• Conduct dynamic application security testing using both manual and automated testing tools. • Review test results from tools • Ensure that automated tests are completed successfully • Triage & Disposition results and enforce a Bug Bar • Verify/validate defect fixes • Provide adhoc penetration testing as necessary for defects/issues identified by the industry • Provide application security consulting SME Support to developers • Assist developers with understanding of security defects and risk • Assist in defining acceptable solution to fix defects • Communicate Security risk to ISOs to document security issues and controls for security planning purposes • Provide for root cause analysis and incident management investigation • Work with development team responsible for a Security APIs in individual lines of business to help create the APIs roadmap based on Dynamic testing • Help maintain Security Coding Requirements and Bug Bar as required • Assist in the Development of standards as required • Provide training • Creation of security whitepapers • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities • Develop and review malicious use cases/threat models • Maintain a broad understanding of security technologies and products • Actively participate on improving the security culture and education throughout the organization. *Minimum Qualifications:* • Minimum of *5 years of Information Security Engineer/Consultant experience with application penetration testing.* • Demonstrated experience with automated penetration tools • Demonstrated experience with manual penetration testing tools • Demonstrated experience with web application security vulnerability detection and mitigation • Demonstrated experience with system vulnerability detection and mitigation • Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within large organization • Ability to complete tasks with minimum supervision *Preferred Skills:* • Demonstrated experience with performing penetration tests on Mobile Applications. • Demonstrated detailed oriented self-starter and the ability to work independently with limited supervision and limited direction, and in collaborative team environments. • The ability to provide support after normal business hours as needed. • A strong ability to multi-task and manage varying priorities and projects. • Excellent written and oral communication skills. • CISSP certification desired*.* Thanks Regards *Steven Olson* (Technical Lead) *Ennovace Inc* Ph: 214 541 9081 F: 972-262-9006 ste...@ennovace.com www.ennovace.com 1801 S O'connor Rd Irving TX 75061 Disclaimer: We respect your Online Privacy. This e-mail message, including any attachments, is for the sole use of the intendedrecipient(s) and may contain confidential and privileged information.Any unauthorized review, use,disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. If you are not interested in receiving our e-mails then please reply with a "REMOVE" in the subject line at rem...@ennovace.com and mention all the e-mail addresses to be removed with any e-mail addresses, which might be diverting the e-mails to you. We are sorry for the inconvenience. -- You received this message because you are subscribed to the Google Groups "International SAP Projects" group. To unsubscribe from this group and stop receiving emails from it, send an email to international-sap-projects+unsubscr...@googlegroups.com. To post to this group, send email to international-sap-projects@googlegroups.com. Visit this group at http://groups.google.com/group/international-sap-projects. For more options, visit https://groups.google.com/d/optout.