First Data Application & Data Security – Application Scanning in Tipperary, Ireland

Position Description Overview

The Security Engineer will be primarily responsible for the assessment of application source codes, dynamic application testing and system compliance to security standards and baselines. Assessments will cover a complex application environment consisting of mixture of languages/platforms.

All discovered vulnerabilities must be registered with central management tools and communicated to the responsible parties and action plans developed for timely remediation. Metrics and reporting to senior management will demonstrate overall security risk reduction and business benefit of this program. The goal of the program is to reduce enterprise security risk by executing vulnerability assessment services using a formal service model and logical risk based approach. This resource will focus on delivering security assessment services and leading engagements to assess relevant technologies.*

Security Engineer job responsibilities include but are not limited to: * Conduct vulnerability scans (network, operating system, database, and application) * Analyze vulnerability scan results and report on aggregated vulnerabilities * Identify false positives and risk acceptance candidates * Clearly understand and communicate risks associated with vulnerabilities * Facilitate vulnerability remediation strategies * Conduct logical security audits and hands-on technical security evaluations * Develop subject matter expertise in focused areas of security

Job Responsibilities* * 2 - 5 years of experience with job responsibilities in Application Security testing area in large corporate environment. Ability to work independently on complex goals in a global team environment. * Capacity to embrace change and quickly adapt to new situations, changes in direction. * Proven ability to thrive in a fast paced, dynamic environment. * Ability to handle multiple projects and assignments. * Proven problem solving skills from problem assessment to solution selection. 3 years of related IT experience. * Bachelor’s Degree or equivalent work experience with Certifications. Security certifications preferred.

Job Requirements * 8 years related IT experience. MS preferred or Bachelor’s Degree with equivalent work experience and appropriate certifications. * Expert knowledge of operating systems, subsystems, and software vendor products * Strong understanding of business, market and industry issues facing business or clients * Knowledge of secure development principles. * Must have strong knowledge in web application development. * Must have a thorough understanding of web protocols TCP/IP, UDP, HTTP, HTTPS, SSL, TLS, etc. * Protocol analysis and forensic analysis experience is a plus. * Experience with various programming languages (Java, C#, Python, PHP, Javascript, etc.). * Experience with IBM AppScan Source Edition, IBM AppScan Standard, and/or HP Fortify is a plus. * Knowledge of common vulnerabilities such as cross-site scripting (XSS), session hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors. * Understanding of modern software engineering principles and practices as well as modern/Web 2.0/3.0 tools and frameworks. * Familiar with common frameworks, spanning frontend and backend (Angular, Bootstrap, Node, Struts, Spring, ASP.NET MVC, etc.). * Experience with RESTful web services. * Experience with AWS and familiar with AWS services, components and common architecture patterns. - Familiar with AWS cloud architecture security. * Strong documentation and communication (written and verbal) skills.

Job: *Technical Support

Title: Application & Data Security – Application Scanning

Location: Ireland-Tipperary-Nenagh-Nenagh-Stereame Business Park

Requisition ID: 2234160