Stantec Application Security Specialist (Application & Penetration Testing) in Portland, Maine
Application Security Specialist (Application & Penetration Testing) - ( 2100017H )
Grow with the best. Join a smart, creative, and inspired team that works behind the scenes to support operational excellence. Our functional services teams (FSTs) provide services to 22,000 employees in over 350 locations worldwide. Bringing together individuals with diverse backgrounds, talents, and expertise, our FSTs are vital to making our Company stronger.
We are currently seeking an Application Security Specialist (Application & Penetration Testing) to join our team!
This position will offer the qualified candidate a great opportunity to work on new and exciting projects. Stantec is looking for someone with strong penetration testing capabilities, a good understanding of compliance requirements such as NIST, ISO27001, CMMC and DFARS, as well as someone who can work with our Security Operations team to help in troubleshooting incidents.
Your Key Responsibilities:
Conduct tests on networks and applications and perform penetration testing activities.
Support performing security tests on networks, web-based applications, and computer systems. You will be required to design tests and tools to try to break into security-protected applications and networks to probe for vulnerabilities.
Maintain knowledge of the latest methods for ethical hacking and testing and support in the evaluation of new penetration testing tools.
Use testing methods to pinpoint ways that attackers could exploit weaknesses in security systems.
Conduct network and system security audits, which evaluate how well an organization’s system conforms to a set of established criteria.
Support the analysis of security policies that identify procedures and rules for accessing and using Stantec IT resources. You will be responsible to make suggestions on security policy improvements, and work to enhance methodology material.
After conducting thorough research and testing, you will be required to document and present your findings, write security reports, and discuss solutions with IT teams and management. You will also provide feedback and verification after security fixes are issued.
Use their exceptional computer skills to test Stantec systems. You will be expected to keep up to date on security software packages and learn new security protocols and computer technologies that could be exploited.
Approximately 30% of your time you would be responsible to support the Stantec Security team as required to help Stantec meet and maintain security compliance and deal with security operational incidents.
Your Capabilities & Credentials
Solid understanding of networking and system administration.
Understand cryptography, reverse engineering, web applications, databases, and wireless technologies.
An understanding of scripting and programming as well as the following software and standards:
Security assessment tools (such as Aircrack-ng, Burp Suite, SQLmap, Nessus)
Security frameworks (such as NIST, SOX, HIPAA, ISO)
Operating systems (such as Linux, Unix, Windows)
Strong oral and written communication skills
Excellent problem-solving skills to determine the most effective way to correct issues that arise
Ability to review data and analyze the processes needed to correct security issues
Working knowledge of regulatory guidelines and standards, compliance standards and policies, audit techniques, regulatory issues, operations, and procedures as they relate to the organization is preferred
Experience working in a large organization
Education & Experience
Post-secondary degree/diploma in information systems or related field, or equivalent experience Minimum of 5 years of experience in an IT role, and a minimum of 3 years of experience in a related IT security role.
Certified Ethical Hacker (CE|H) or equivalent experience is preferred.
This description is not a comprehensive listing of activities, duties or responsibilities that may be required of the employee and other duties, responsibilities and activities may be assigned or may be changed at any time with or without notice.
Primary Location : United States-Illinois-Chicago
Other Locations : United States-California-San Jose, United States-Texas-San Antonio, United States-New Mexico-Roswell, United States-Maine-Portland, United States-California-Redding, United States-Oregon-Portland, United States-Arizona-Chandler, United States-Louisiana-Baton Rouge, United States-Florida-Tallahassee, United States-Nevada-Las Vegas, United States-Georgia-Alpharetta, United States-Texas-Dallas, United States-Wyoming-Sheridan, United States-Illinois-Lombard, United States-New Mexico-Albuquerque, United States-New York-Albany, United States-Indiana-Indianapolis, United States-Alaska-Fairbanks, United States-Texas-Austin, United States-Texas-Houston, United States-North Carolina-Asheville, United States-Florida-Sunrise, United States-California-San Bernardino, United States-Utah-Salt Lake City, United States-Texas-Fort Worth, United States-Louisiana-New Orleans, United States-Minnesota-Woodbury, United States-Rhode Island-Providence, United States-Massachusetts-Burlington
Job : IT Generalist
Organization : BC-1973 IT Services-Corporate-US
Employee Status : Regular
Job Level : Individual Contributor
Travel : No
Schedule : Full-time
Job Posting : May 16, 2021, 7:36:44 PM
Req ID: 2100017H
Stantec provides equal employment opportunities to all qualified employees and applicants for future and current employment and prohibit discrimination on the grounds of race, color, religion, sex, national origin, age, marital status, genetic information, disability, protected veteran status, sexual orientation, gender identity or gender expression. We prohibit discrimination in decisions concerning recruitment, hiring, referral, promotion, compensation, fringe benefits, job training, terminations or any other condition of employment. Stantec is in compliance with local, state and federal laws and regulations and ensures equitable opportunities in all aspects of employment. EEO including Disability/Protected Veterans