Senior Security Engineer / Jack of all Trades, App Sec Focus

This nonprofit that's based in the Greater Philly Area has a very sophisticated IT department. Their security team in particular strongly values internal growth and is looking for a Senior Security Engineer. This person will spearhead all Application Security and Red Team focused functions, as well as guide the team through high-priority projects. This is a core application security and penetration testing focused position that has a well-rounded security background, and an acute mind for problem solving and tool integrations. They are currently going through an AWS migration, as well as other projects that require strong critical thinking. This is a fully remote position, but candidates must reside in Pennsylvania, New Jersey, Virginia, or Maryland.

Ideal candidates will be savvy with all aspects of a sophisticated security program, with the ability to be very hands on. Strong app sec knowledge is required, such as code reviews, threat hunting, threat modeling, network penetration tests, web-application tests, and more.

Required Skills & Experience

• Minimum of 3 years’ experience working within Application Security and/or Red Team (penetration testing)
• Strong understanding of SDLC and some knowledge of DevSecOps
• Experience with Burpe Suite and MetaSploit
• Experience with Code reviews, threat hunting, threat modeling
• Digital Forensics
• Defensive security experience
• Ability to work with the Application Developers & Web Developers
• Strong written and verbal communication skills

Desired Skills & Experience

• Bachelor’s Degree or equivalent work experience
• OSCP
• CISSP

You will receive the following benefits:

• Medical Insurance
• Dental Benefits
• Vision Benefits
• Paid Time Off (PTO)
• 401(k)

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.