Information Security Engineer

Start/Stop image slider
Information Security Engineer

Information Security Engineer

Monster Worldwide is seeking an Information Security Engineer to join our team! This position will focus on application security assurance including testing, standards and best practices, vulnerability mitigation management, and ensuring secure development practices are implemented across the Monster Worldwide environment. This individual will work closely with the Principal Information Security Architect and Monster Development Teams in a DevSecOps environment.

What you will be doing…

· Conducting application vulnerability tests against Monster applications and services.

· Manage Monster Bug Bounty program including vetting of reported bugs, assignment for mitigation, and follow up testing.

· Coordinate annual pen testing of Monster critical applications

· Generate and manage metrics to show the effectiveness of the Software Security Assurance Program.

· Assist the Senior Architects designing and developing "Security by Design" processes for secure software development including standards, best practices, controls, and tools.

· Work with application development teams to carry out Security Reviews; perform threat modeling, vulnerability analysis, penetration testing, code reviews, and SDLC support.

· Work with Monster Security Champions to evangelize security and be a "Security Champion" advocate for a positive approach to application security.

What’s essential for you to have…

· Bachelor’s Degree or equivalent work experience.

· Certifications desired: CISSP, CEH

· Five years of experience in an information security role with the focus on application security

· Experience using Application Security Testing (AST) tools including SAST, SCA, and DAST.

· Familiarity with OWASP Top 10, CVE, and common vulnerability mitigations

· Evaluating and communicating risk in a fact-based manner.

· Ability to work independently in a fast-paced environment with frequent production releases.

· Ability to be creative, flexible, and objective in a dynamic, rapidly changing environment.

· Strong written and verbal communication, and teaching skills.

· Experience as a software developer is a plus

· Understanding of information security concepts and methodology and ability to learn new technologies.

· Experience working in multi-cloud environment (AWS, GCP, Azure)

You searched and didn’t find the right fit?

No problem. Join our talent community to stay connected.