AvalonBay Communities

  • Information Security Engineer

    Posted Date 4 days ago(7/11/2018 10:24 AM)
    Job ID
    19997
    Experience (Years)
    4
    Location
    US-VA-Arlington
    Category
    Information Technology
    Position Type
    Full Time
    Job Type
    Exempt
    Brand
    Corporate
  • Overview

    AvalonBay is proud to be named one of Glassdoor's Best Places to Work in 2018.

     

    AvalonBay Communities, Inc. is one of the nation's leading Real Estate Investment Trusts (REITs), in the business of developing, redeveloping, acquiring and managing quality apartment communities in high barrier-to-entry markets of the United States. These markets are located in the Northeast, Mid-Atlantic, Southeast, Pacific Northwest and Northern and Southern California regions of the country. We currently own and operate approximately 80,000 apartment homes in the US and employ approximately 3,000 associates. 

     

    We are seeking an extraordinary Information Security Engineer to focus on Web Application security.

    The Role

    The information security team is responsible for managing security tools, security initiatives & programs, and mitigating risks faced by AvalonBay. This is a highly technical, hands-on role that requires a wide and deep experience in the technical aspects of security as well as the soft skills needed to move at the speed of business. This position requires practical knowledge of web application security, vulnerability assessment tools, secure coding methodologies, and data privacy & protection.

     

    Responsibilities will include but are not limited to: 

    • Maintain, Configure, Support and Administer Web Application Scanning tools
    • Perform vulnerability assessment of internal and external applications via automated and manual techniques
    • Direct and consult with development teams in the remediation efforts of security findings and explain risk and trade-offs in differing methods of remediation
    • Interface with external security services to receive, triage, and resolve vulnerabilities
    • Conduct or manage penetration testing, in which simulated attacks on the systems are highlighted to find any weaknesses that might be exploited by a malicious party
    • Work with technical and non-technical teams to define and document application security requirements vulnerability validation and manual source code reviews

    You Have...

    Qualifications

    • Bachelor’s degree from an accredited university required, Computer Science program strongly preferred
    • 4+ years of experience as an engineer, implementing and monitoring security measures for the protection of computer systems, networks and web applications
    • 4+ years of experience identifying and defining web application security vulnerabilities
    • Desired Certification in Information Security - CISSP, CISM, CEH, GPEN, GWAPT
    • Experience with the following Web Assessment tools such as: Contrast, Veracode, Fortify, WebInspect, BURP Suite PRO, SoapUI
    • Familiarity with Security technologies, including authentication/access control mechanisms, encryption, penetration testing, Source Code Analysis and Web Vulnerability Assessment
    • Have hands on experience resolving web application vulnerabilities
    • Thorough understanding of the latest security principles, techniques, and protocols
    • Experience with data stream and data messaging services, including syslog, web API Get calls, JSON, etc.
    • An understanding of ethical hacking methodologies, Secure Coding, frameworks, and industry resources, e.g. OWASP, NIST publications, SANS/CWE
    • Working knowledge of network protocols and Wintel/Linux/Unix system internals and transport protocols (TCP, TLS, HTTP/S, UDP)
    • Demonstrated In-depth knowledge and understanding of computer applications to demonstrate proficiency with development frameworks& languages (Java, NET, C/C++, C#, PHP etc.)
    • Ability to conduct Manual Source Code Security Analysis of developer source looking for coding flaws and errors for remediation

     

    In addition, the ideal candidate must have strong communication and problem solving skills.  Must be able to build and maintain relationships with varying levels of management within all departments.

     

    Options

    <p style="margin: 0px;">Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.</p>
    Share on your news feed