Email Opening Title Application Security Engineer II  Description Hands-on role partnering with application development to strengthen application security best practices within the agile SDLC. Review security findings within existing code to identify vulnerabilities and provide recommendations to mitigate the risk to Paychex. Ensures application security controls in place are adequate or identify those that require improvement. Train developers in secure coding best practices, security testing tools and techniques. Collaborate with application development to address security risks and provide mitigation recommendations to align application security best practices within the agile SDLC, based on OWASP Top 10. Creation and refinement of rules for SAST and DAST security tools. Capability to analyze multiple instances of vulnerability patterns that can be traced to single root causes to eliminate existing risks within software applications. Collaborate with Penetration Testers to identify pervasive issues within an application or common trends throughout multiple applications. Validation of security controls to adhere with industry best practice and compliance requirements, including OWASP Top 10 and OWASP Application Security Verification Standard. Develop and coordinate the testing and deployment of rules for web application firewalls. Acts as an application security resource throughout the company, training developers on security tools and techniques.   Position Requirements Bachelor's degree in Information Security, Software Development or another related technical discipline. 5 years of experience in Information Security, Cyber Security is preferred. 5 years of experience in object oriented programming languages: C#, Java, or Javascript. Knowledge of back-end frameworks such as Spring, .NET or Node, as well as familiarity with modern front-end frameworks such as Angular or React is preferred. CISSP, SANS GIAC, or CEH is preferred.   Category Information Technology   Location NY, Rochester, Rochester 131 Calkins Rd Office   Full-Time/Part-Time -unspecified-   Req Number INF-19-00357   Open Date 11/19/2019   Hiring Manager(s) Ashley Rider   This position is currently not accepting applications. To search for an open position, please go to http://AdvancePartners.appone.com

Click here for technical assistance.