Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

AppSec Software Engineering Specialist
Company OLS Payments
Location Dallas, TX
Preferred GIAC Certifications GWAPT, GWEB, GSSP-JAVA
Travel 0%
Salary Not provided
Contact Name Anonymous
Contact Email matthew.frick/at/
Expires 2019-07-16

Job Description

Who We Are:
OLS Payments—an InComm company—develops complex, mission-critical software that powers the global economy. Merchants rely on OLS code to support a variety of transaction types, message formats, and protocols, to enable business partnerships that fuel competitive advantage, and to safeguard sensitive data from bad actors in an evolving threat landscape.

To learn more, visit:

What We’re About:
The security team at OLS values grit over pedigree and intellectual curiosity over conventional wisdom. If this position does not seem like a perfect fit, please apply anyway. Candidates based in Dallas, TX are preferred, but remote work could be considered for an exceptional candidate.

What You’ll Do:
As an AppSec specialist, you’ll define security toolchain for CI/CD pipelines, work with cloud-native technologies and processes, design and implement integrations to orchestrate security, and conduct threat modeling activities to risk assess functionality and prioritize actions to improve code quality.

You’ll keep your coding skills sharp with automation projects to enhance the capabilities of the OLS security team.

What You Need:
Well-qualified candidates exhibit the following characteristics:
• Bachelors degree in Computer Science or related disciple, or equivalent work experience
• Proficient in secure Java coding practices
• Experience with one or more additional languages such as Python, Go, Perl, C++, or .NET
• Knowledge of Kubernetes
• Commitment to code quality
• Desire for self-improvement and full-stack mastery
• Ability to mentor and provide application security guidance for developers
• Knowledge of cryptographic techniques, protocols, ciphers, and key management concepts
• Experience with static and dynamic analysis tools
• Familiarity with OWASP Top 10 concepts
• Experience managing and tuning Web Application Firewall policies
• Experience with software testing, including fuzzing and the use of Burp Suite

Exceptionally-qualified candidates exhibit the following characteristics:
• Public evidence of development expertise such as GitHub account history or acknowledged credit for contributions to open-source project efforts
• Certifications such as GWAPT, CSSLP, GWEB, or GSSP-JAVA
• Experience assessing software security maturity against models such as vBSIMM
• Familiarity with PCI, PA-DSS, and/or P2PE

For more information about this opportunity, feel free to contact the hiring manager:
Matthew Frick
Director, Information Security