Security Testing Engineer-Authentication-Seattle WA

Job Title: Security Testing Engineer-Authorization

Duration: 12-18 months

Location: Seattle, WA

Required Pay Scale: $60-$65hr - W2 ONLY, NO C2C

Job Summary:

As a Security Test Engineer, you will be performing authorized security testing on complex, large-scale, and critical applications. You must be self-directed, able to work independently, as well as work in a team-oriented and fast-paced environment.

You need to be aware of various application security domains like authentication, authorization, identity management, and cryptography. Working as part of the development team, you will proactively identify security vulnerabilities (OWASP Top 10, SANS Top 25, CWE) before they are discovered late in the cycle by InfoSec teams or in production. You will act as a liaison between the InfoSec team and development teams, helping them understand and fix reported security issues.

Good communication and presentation skills are essential to present findings to Leadership/Management/Development teams, helping them understand risks for informed decisions on mitigations and controls. You should be passionate about following the evolving threat landscape and familiarizing yourself with the latest security vulnerabilities impacting the teams.

Responsibilities:

1. Conduct web application security testing on Bank applications and report findings to Leadership/Management/Development teams.
2. Understand security issues reported by InfoSec teams and collaborate with development teams to address them.
3. Promote application security concepts within the development community to prevent vulnerabilities.

Required Skills:

1. Deep understanding of web application technologies and protocols (HTTP, HTTPS).
2. In-depth knowledge of application security in Identity and Access Management (IAM) and various authentication technologies.
3. Proven expertise in security testing tools (e.g., Fiddler, Burp, Static Security Code analysis tools).
4. Understanding of application security vulnerabilities such as OWASP Top 10, SANS Top 25, CWE, and attack patterns (CAPEC).
5. Bachelor's Degree in Computer Science or equivalent experience.
6. Ability to work independently as well as in a team-oriented, fast-paced environment.

Must Haves:

• Security specialization
• Manual/automation testing
• Testing for vulnerabilities
• Soap UI
• Black box and white box testing
• Agile experience

Desired Skills:

1. Experience with security technologies and standards like SSO using SAML/OpenID and OAuth protocols.
2. Good understanding of cryptographic algorithms and standards.
3. Understanding of security vulnerabilities related to cloud environments is a plus.
4. Security certifications are an advantage.
5. Understanding of threat modeling concepts and secure development lifecycle processes.
6. Familiarity with mobile application security is desirable.

About Matlen Silver:

For over 40 years, Matlen Silver has delivered solutions for complex talent and technology needs to Fortune 500 companies and industry leaders. We pride ourselves on hard work, honesty, and a trusted team of experts.

Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.

If you are a person with a disability needing assistance with the application or at any point in the hiring process, please contact us at email and/or phone.