Deloitte & Touche: Application Security Engineer

From: Ray Jannson <rjannson(at)deloitte.com>
Date: Fri May 09 2003 - 15:54:05 EDT

('binary' encoding is not supported, stored as-is)

We are currently seeking a Senior Consultant with application security engineering experience in the San Francisco Bay Area. The qualifications are as follows:

Required Skills:
• Identify technical strategies for minimizing application software vulnerabilities.

•	Application architecture
•	Application security audits
•	Software source code reviews
•	Software source code reviews using automated vulnerability testing 
tools and manual review of code.
•	Risk mitigation of common vulnerabilities such as buffer overrun, 

cross-site scripting attacks, SQL injection attacks, etc.

Preferred technology experience with the following: • WhiteHat Arsenal 1.05, Sanctum, AppScan, SPI Dynamic, WebInspect ITS4, KaVaDo, ScanDo, @stake Web Proxy, Black Hat, Defcon, SANS.

To be considered for this position the following are essential:

•	BA/BS in information technology or related field, MS preferred
•	CISSP, CCNA and/or CISA certification a plus.
•	Minimum of  five years application security experience
•	Prior Big 5/consulting experience.
•	Excellent verbal and written communication
•	Industry Experiences in financial services, high-tech, and /or 
healthcare a preferred
•	Willingness to travel

All qualified candidates please forward your resume and cover letter to rjannson@deloitte.com . For more information about Deloitte & Touche, visit our web site at www.deloitte.com. Received on Sun May 11 13:11:24 2003