Web Application Security Engineer

Irvine, CA | IT
Job ID: 82602
Listed on 7/27/2018

KellyMitchell matches the best IT and business talent with premier organizations nationwide. Our clients, ranging from Fortune 500 corporations to rapidly growing high-tech companies, are exceptionally served by our 1500+ IT and business consultants. Our industry is growing rapidly, and now is a great time to launch your career with the KellyMitchell team.

Position Title: Web Application Security Engineer

Ready for a challenge? We are looking to add a Web Application Security Engineer to our IT Operations Team. As a Web Application Security Engineer, you will be a key liaison between the software development teams and the security team: making sure the developers stay on top of their game in creating secure code, reviewing and testing code and builds from a security perspective, and following up on findings. In this fast-paced environment with multiple teams, you won't be chained to your desk, but will have the opportunity to interact with people working on all aspects of our business.


  • An understanding of PCI Compliance and EU GDPR Requirements
  • Familiarity with SQL Server Administration and Queries
  • Knowledge of common scripting and application development languages (e.g. PowerShell, C#, Python, T-SQL, etc.) and/or the ability to learn as required
  • The ability to provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex, high-profile projects
  • An understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance
  • A general understanding of security fundamentals and general security technologies, including operating systems, network security (firewalls, VPNs, etc.), security event management, business continuity, physical security, identity management, directory services, etc. 
  • Deep knowledge of OWASP Top 10 (2013 and/or 2017 Version) vulnerability detection and mitigation
  • Familiarity with security of LANs, WANs, Firewalls, VPN, MPLS and related Network Applications
  • Knowledge of Active Directory, DDNS, Group Policy, Microsoft Windows Server and Desktop operating systems
  • Knowledge of Linux based Operating Systems, Logging and Troubleshooting
  • A strong work ethic, including consistent documentation
  • The ability and a strong desire to work in a fast-paced, rapidly changing environment
  • Experience with application and network security
  • Experience with various tooling in the Application Security space
  • Experience identifying, assessing, and remediating technical security vulnerabilities
  • Knowledge of IT/Information Security Audit and assessment
  • Knowledge of PCI DSS and EU GDPR
  • Knowledge of researching, analyzing, and recommending information security solutions
  • Knowledge of/experience in Key Management Administration for encryption keys and secrets
  • A working knowledge of information security practices and concepts including intrusion detection/prevention, access controls, risk analysis, vulnerability scanning, and data encryption
  • 3-5 years' experience in information systems as a system administrator, application developer, or network administrator, with at least two of those with direct information security duties
  • A Bachelor’s Degree in Information Technology, Information Security, Computer Science, or related field
  • An advanced industry certification, e.g. SANS GIAC (CEH - Certified Ethical Hacker or GXPN - Exploit Researcher and Advanced Penetration Tester, are preferred), Offensive Security Certified Professional (OSCP), CompTIA Security+, CISSP,...


  • Working in a fast-paced environment
  • Having an Agile mindset and being accountable for my role in the business
  • Producing quality, error-free work
  • Having the opportunity to collaborate with peers
  • Open and honest communication with the best interests of the business in mind
  • Teamwork