Sr. Cybersecurity Engineer - Application Security
AladtecFull time Full day
TCP is committed to cultivating a diverse and inclusive team. However, we are not able to sponsor visas for this role.
About TCP (TimeClock Plus):
For more than 30 years, TCP has helped organizations engage their people by providing flexible, mobile timekeeping and workforce management solutions. Trusted by tens of thousands of customers and millions of users, TCP delivers best-in-class technology and personalized support to organizations of all sizes in the public and private sector to meet their complex timekeeping, employee scheduling, leave management and other workforce needs. Growth is happening and our vision for a successful future is clear - We'd love for you to join us on this journey! For more information on TCP, visit www.tcpsoftware.com
The primary focus of this position is application security, pen testing , threat modeling and mitigation. TCP is seeking an Ethical Hacker experienced in application security testing and helping companies improve security posture across a portfolio of SaaS based web applications. The Cybersecurity Engineer App Se Role is a position providing an opportunity to work in a fast-paced collaborative environment protecting TCP Software cloud infrastructure from cyber threats. TCP Software treats security as the number one priority due to its significant effect on consumer privacy, customer confidence, and external reputation. This position plays a critical role in delivering that vision through continuous threat analysis, the implementation of DevSecOps processes, and ensuring regulatory compliance. Cybersecurity Engineers must be agile, willing to learn, and able to think outside of the box in order to operate effectively in an ever-changing threat landscape.
Basic Function of Position:
- Drives the TCP Application Security and Vulnerability Management program to include intelligence context and analysis support, provide industry expertise and recommend relevant/concrete remediation and countermeasures
- Works closely with various teams and departments conducting and overseeing penetration testing as it relates to applications as well as summarizing the results and providing actionable items and supporting information. Triages issues and prioritizes them according to a threat levels.
- Provides leadership in assessing new threat vectors, evaluating the effectiveness of current controls, and utilizing intelligence analysis to create proactive mitigation around threats and vulnerabilities.
- Work closely and collaboratively with development/QA departments and leadership to ensure adherence to secure software developing standards and technical integration with cloud infrastructure as necessary
Required/Desired Knowledge, Skills, and Abilities
- Bachelor’s degree in computer science, MIS, or Information Security or equivalent work experience
- At least 5 or more years of relevant work experience
- Professional and strong experience deploying and running various penetration testing tools including Metasploit, Burp Suite, Nessus, Nmap, Kali Linux, Wireshark, Hydra to mention a few. As well as SAST, DAST, SCA scan tooling and reporting.
- Experience with cyber threat intelligence, security research, security operations, and/or incident response
- Security certifications CEH, GIAC, CISSP, CCSP and software application development experience a big plus
- Knowledge of privacy regulations and security frameworks SOC, CCPA, GDPR
- Solid understanding of the OSI Network model as well TCP/IP protocol stack
- Working knowledge of industry standards such as NIST and CIS
- Strong understanding of the OWASP and SANS models related to application threats and vulnerabilities
- Great communication skills both oral and written ensuring point gets across clearly
- A forensic approach to incidents and investigations including relevant tools and procedures
- Ability to work in a highly collaborative environment
- Self-starter and driven to get the job done
- Demonstrated effective organizational and technical skills
- Critical thinking skills, problem-solving aptitude
- Desire to self-educate on the ever-changing landscape of cyber hacking tactics
- Competitive salary based on experience
- PTO and Sick leaves
- In-Patient Health insurance
- Provident fund and EOBI
- The work/life setup you need to be successful
- A creative, collaborative, supportive environment that gives you the autonomy to explore new ideas, grow your skillset, and create outstanding results
- The opportunity to work with amazing talent in a fast-growing company that really values its team
- Company sponsored training, workshops, education, and team building.
- The chance to make a genuine impact on the company’s growth.
- Plenty of challenging work and the opportunity to stretch yourself.
- Every day you’ll get to work with amazing talent in a fast-growing company that really values their people.
TCP is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.