Information Security Engineer
Location: Weston, Massachusetts, United States
Requisition Number: 1552
Position Title: Senior Information Security Architect_G01
Information Security Engineer
Monster Worldwide is seeking an Information Security Engineer to join our team! This position will focus on application security assurance including testing, standards and best practices, vulnerability mitigation management, and ensuring secure development practices are implemented across the Monster Worldwide environment. This individual will work closely with the Principal Information Security Architect and Monster Development Teams in a DevSecOps environment.
What you will be doing…
· Conducting application vulnerability tests against Monster applications and services.
· Manage Monster Bug Bounty program including vetting of reported bugs, assignment for mitigation, and follow up testing.
· Coordinate annual pen testing of Monster critical applications
· Generate and manage metrics to show the effectiveness of the Software Security Assurance Program.
· Assist the Senior Architects designing and developing "Security by Design" processes for secure software development including standards, best practices, controls, and tools.
· Work with application development teams to carry out Security Reviews; perform threat modeling, vulnerability analysis, penetration testing, code reviews, and SDLC support.
· Work with Monster Security Champions to evangelize security and be a "Security Champion" advocate for a positive approach to application security.
What’s essential for you to have…
· Bachelor’s Degree or equivalent work experience.
· Certifications desired: CISSP, CEH
· Five years of experience in an information security role with the focus on application security
· Experience using Application Security Testing (AST) tools including SAST, SCA, and DAST.
· Familiarity with OWASP Top 10, CVE, and common vulnerability mitigations
· Evaluating and communicating risk in a fact-based manner.
· Ability to work independently in a fast-paced environment with frequent production releases.
· Ability to be creative, flexible, and objective in a dynamic, rapidly changing environment.
· Strong written and verbal communication, and teaching skills.
· Experience as a software developer is a plus
· Understanding of information security concepts and methodology and ability to learn new technologies.
· Experience working in multi-cloud environment (AWS, GCP, Azure)
Community / Marketing Title: Information Security Engineer
Monster (Randstad Group) is the worldwide leader in successfully connecting people to job opportunities. From the web, to mobile, to social, we help companies find people with customized solutions and we use the world's most advanced technology to match the right people to the right job.
We've made it our mission to help companies find better candidates. And nobody brings more cutting-edge tools to help them do just that than Monster. Whatever their needs are, we have the products and technologies to build a bespoke solution for our clients, to help them find #TheRightFit.
Innovation is the heart of our success... and our future. We're changing the way people think about work, and we're helping them improve their lives and their work performance with new technology, tools and training.
What makes Monster great…
Monster is synonymous with innovation; we are passionate about bringing great people and great companies together. In fact, we are obsessive about it – it’s what we do every day. We believe that the work that we do has a noble purpose... Making people’s lives better.
At Monster, we let people breath, giving everyone the opportunity to shape their destiny and provide the development support that allows them to do so.
Find out more about Working at Monster here: https://www.monster.com/about/working-here/
Location_formattedLocationLong: Weston, Massachusetts US
CountryEEOText_Description: US EEO Verbiage