17 days old

Senior Application Security Test Engineer

TD Ameritrade
Jersey City, NJ 07302

To all recruitment agencies: TD Ameritrade does not accept agency resumes. Please do not forward resumes to our job alias, TD Ameritrade employees or any other company location. TD Ameritrade is not responsible for any fees related to unsolicited resumes.

The TD Ameritrade Enterprise Quality Assurance (EQA) Group is tasked to ensure there are robust processes which provide confidence that the stated or implied requirements for quality are met for TDA's software systems; including functional and non-functional aspects of quality.  The Security QA Team is a core function of Enterprise QA’s non-functional team and is primarily responsible for establishing and guiding the Application Security Testing Program within TD Ameritrade.  These activities include penetration testing, software security scanning, vulnerability management and remediation, automating security testing, and the education of TDA software developers and other testers in security best practices.  The Security Quality Assurance Consultant reports to the Director of Security QA to ensure the control and protection of software, improve the software development process, and minimize defects and vulnerabilities in software production.

  • 4 Year College Degree in Computer Science or BA Comp Engineering or 7-10 years Equivalent Experience
  • Graduate Degree preferred
  • 10 years total related experience
  • Bachelor’s degree in Computer Science, Computer Engineering or a closely related IT field or equivalent 
  • 5+ years of enterprise software development / testing experience.  Java programming skills including knowledge of JSSE and other security features is preferred.  Experience with NET/ASP/C# also a plus 
  • Development experience with strong Java programming skills including knowledge of JSSE and other security features 
  • Working knowledge of Java development environment including tools and framework used by developers, develops and testers (e.g. Eclipse, Spring, Jenkins, Maven, Jira, Selenium)  
  • Solid understanding of a variety of software security practices, secure code reviews, vulnerability scanning methods, threat modeling, security requirements analysis and architectural risk analysis
  • Expert knowledge in application vulnerability types, attack vectors and remediation approaches
  • Expert understanding of the IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS, PKI
  • Familiarity with well-known application security sources and standards such as OWASP, WASC, NIST and CVE
  • Extensive applied knowledge with dynamic analysis tools and hacking tools
  • Experience performing software security architecture, design and requirements analysis for large-scale enterprise systems 
  • Experience leading enterprise deployment of application security tools, services and controls
  • Information Security and control certifications preferred (CISSP, GPEN, GWAPT, OSCP, CEH, etc.)
  • Military education or experience may be considered in lieu of civilian requirements listed

Categories

Posted: 2019-08-06 Expires: 2019-09-14

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Application Security Test Engineer

TD Ameritrade
Jersey City, NJ 07302

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast