Web Applications Security Engineer CIS
Company Name:
Nike
Become a Part of the Nike Team
Nike does more than outfit the world's best athletes. We are a place to explore potential, obliterate boundaries, and push out the edges of what can be. We're looking for people who can grow, think, dream and create. We thrive in a culture that embraces diversity and rewards imagination. We seek achievers, leaders and visionaries. At Nike, it's about bringing what you have to a challenging and constantly evolving game.
Nike Tech brings together technology and process expertise to create value for the consumer. We deliver one-stop, integrated process and technology capabilities that enable Nike, Inc.'s businesses and brands worldwide. Our focus is on solutions that maximize consumer value and drive profitable business growth.
If you're the one for this role, you'll be joining the Consumer Information Security team, and have the opportunity to work on cutting edge technology projects designed to improve the consumer experience on Nike online properties.
As our Web Application Security Engineer your role on the team will be to perform security vulnerability assessments (manual & automated) of web applications and systems. You will work with technical and business teams to explain the vulnerabilities and provide recommendation for mitigation. You will also drive to improve application security practices, conduct application security training for development teams and focus on improving overall application quality.
To be considered you must have the following
Experience:
- 3 years experience in Application Security and administering web-based applications and servers.
- 3 years experience conducting black box / white box security assessments with industry-standard security tools.
- Familiarity with Web Application Testing tools such as WebInspect, NTOSpider, Checkmarx and AppScan.
- Experience looking for security issues such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
- Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications
- Knowledge of Applied Cryptographic Protocols.
- Working knowledge of TCP/IP ports and protocols.
- In-depth familiarity with Windows and Unix Operating Systems.
- Working knowledge of firewalls and other Network Security products.497324
Qualifications
What We're Looking For:
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who has in-depth experience and clearly demonstrates these skills:
- Database Administration, Device Configuration Hardening and Compliance Verification experience
- Excellent written and oral communication skills
- BA/BS degree preferred in economics, finance, engineering, math, statistics, information systems
- CISSP, CEH, OSCP, OSCE, GPEN, CPT
- Strong knowledge of software development lifecycles
- Strong knowledge of project management frameworks
- Strong communication skills with the ability to manage time effectively
- Ability to develop and communicate recommendations to management
- Ability to translate technical security vulnerabilities into business risk
- Strong problem-solving and conceptual thinking abilities
- Strong ability to analyze information and data
Still Interested?
To ensure that we continue to hire competent, ethical and trustworthy individuals, all candidates must successfully complete a thorough background investigation prior to receiving any offer of employment from Nike.
Have we piqued your interest? Good, then a generous benefits package will only sweeten the deal. We offer a stock purchase plan, 401(k), a casual work environment, and a host of other perks we don't have room to mention here.
As soon as you post your resume, our technical recruiter will be immediately notified.
We're interested in learning more about you and appreciate you taking the time to apply online.Estimated Salary: $20 to $28 per hour based on qualifications.
Nike
Become a Part of the Nike Team
Nike does more than outfit the world's best athletes. We are a place to explore potential, obliterate boundaries, and push out the edges of what can be. We're looking for people who can grow, think, dream and create. We thrive in a culture that embraces diversity and rewards imagination. We seek achievers, leaders and visionaries. At Nike, it's about bringing what you have to a challenging and constantly evolving game.
Nike Tech brings together technology and process expertise to create value for the consumer. We deliver one-stop, integrated process and technology capabilities that enable Nike, Inc.'s businesses and brands worldwide. Our focus is on solutions that maximize consumer value and drive profitable business growth.
If you're the one for this role, you'll be joining the Consumer Information Security team, and have the opportunity to work on cutting edge technology projects designed to improve the consumer experience on Nike online properties.
As our Web Application Security Engineer your role on the team will be to perform security vulnerability assessments (manual & automated) of web applications and systems. You will work with technical and business teams to explain the vulnerabilities and provide recommendation for mitigation. You will also drive to improve application security practices, conduct application security training for development teams and focus on improving overall application quality.
To be considered you must have the following
Experience:
- 3 years experience in Application Security and administering web-based applications and servers.
- 3 years experience conducting black box / white box security assessments with industry-standard security tools.
- Familiarity with Web Application Testing tools such as WebInspect, NTOSpider, Checkmarx and AppScan.
- Experience looking for security issues such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
- Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications
- Knowledge of Applied Cryptographic Protocols.
- Working knowledge of TCP/IP ports and protocols.
- In-depth familiarity with Windows and Unix Operating Systems.
- Working knowledge of firewalls and other Network Security products.497324
Qualifications
What We're Looking For:
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who has in-depth experience and clearly demonstrates these skills:
- Database Administration, Device Configuration Hardening and Compliance Verification experience
- Excellent written and oral communication skills
- BA/BS degree preferred in economics, finance, engineering, math, statistics, information systems
- CISSP, CEH, OSCP, OSCE, GPEN, CPT
- Strong knowledge of software development lifecycles
- Strong knowledge of project management frameworks
- Strong communication skills with the ability to manage time effectively
- Ability to develop and communicate recommendations to management
- Ability to translate technical security vulnerabilities into business risk
- Strong problem-solving and conceptual thinking abilities
- Strong ability to analyze information and data
Still Interested?
To ensure that we continue to hire competent, ethical and trustworthy individuals, all candidates must successfully complete a thorough background investigation prior to receiving any offer of employment from Nike.
Have we piqued your interest? Good, then a generous benefits package will only sweeten the deal. We offer a stock purchase plan, 401(k), a casual work environment, and a host of other perks we don't have room to mention here.
As soon as you post your resume, our technical recruiter will be immediately notified.
We're interested in learning more about you and appreciate you taking the time to apply online.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
