Scottrade Application Security Engineer - St. Louis, MO in St. Louis, Missouri
The main purpose of this position is to identify vulnerabilities within Scottrade's complex software architecture.
Plan and conduct complex application security testing against a variety of applications within the Scottrade architecture.
Act as a subject matter expert for one or more application security tools and participate in design discussions related to security of Scottrade applications.
Review application source code for potential vulnerabilities and compliance with secure coding standards, policies and guidelines.
Lead projects and assist with initiatives and provide technical recommendations within the discipline.
Assist with process capability improvement of application security processes and the maturation of application security processes and tools.
Provide mentoring and technical expertise to application security engineers and software developers regarding secure coding techniques.
Report to management on the status of remediation efforts of various Scottrade applications.
Create, document and report metrics on current application vulnerabilities
Assist with the development of secure coding standards, policies and guidelines.
Perform other duties as assigned.
KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
Excellent written and oral communication skills.
Strong work ethic with the ability to effectively muti-task in a fast paced environment.
Ability to conduct source code reviews.
Advanced level knowledge of at least one common compiled language (e.g., C, C++, Java, or C#) and one scripting language (e.g., Perl, Python, or Java).
Basic understanding of common internet protocols at the application, transport and network layers (e.g., HTTP and SMTP).
Basic understanding of XML, SOAP and AJAX.
Advanced level understanding of encryption and hashing algorithms.
Basic level understanding of the layers of the OSI model.
Basic level of proficiency with the Windows operating system.
Intermediate level web programming ability (e.g., ASP.NET, PHP, Perl CGI, or Java).
Advanced level knowledge of common vulnerabilities, (e.g., XSS, SQLi, OS command injection, cookie manipulation and buffer overflows).
Intermediate level of proficiency with Microsoft Word, Excel and Outlook.
Foster company success through a professional appearance, being courteous to customers and all Scottrade associates and by having a positive attitude.
PHYSICAL ACTIVITES & REQUIREMENTS, VISUAL ACUITY, WORKING CONDITIONS AND NOISE LEVEL:
While performing the duties of this job, the employee is required to sit, talk, hear, and use hands to finger, handle or feel objects, tools or controls.
The physical requirements of this position are considered to be sedentary work (Exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects. Sedentary work involves sitting most of the time).
While performing the duties of this job, the employee is required to have close vision (clear vision at 20 inches or less in order to view a computer screen).
The noise level in the work environment is considered moderate (business office with co-workers, copiers, shredders, printers, etc).
CONTACTS WITH OTHERS:
- Contacts with other persons within the department on routine matters as well as regular contact with other departments, or outside the organization furnishing or obtaining factual data requiring ordinary courtesy and tact. May need to regularly utilize specialized communication skills in order to maintain goodwill with internal and external contacts.
MINIMUM EDUCATION & EXPERIENCE:
Bachelor’s degree in Business, Management Information Systems or Computer Science, or equivalent combination of education and experience required.
4+ years information security or 6+ years information systems experience of similar complexity required.
2+ years application development experience in C/C++, .Net, Java, or J2EE required.
2+ years experience performing application security tests against websites or web applications required.
LICENSE & CERTIFICATION REQUIREMENT(S)
Scottrade, Inc., an equal opportunity employer, is committed to inclusion and a diverse workforce.-
Scottrade, Inc., a leading investing services company, partners with more than three million retail clients to provide the trading services and investment solutions they need to overcome barriers to financial success. Founded in 1980, Scottrade pairs its large nationwide branch network with advanced online products and services to help clients gain insight into the market and react quickly to trading opportunities. Other lines of business include Scottrade® Advisor Services, which serves registered investment advisors; Scottrade Investment Management, the nationwide investment advisor; and Scottrade Bank, which provides online retail banking products and services, commercial lending and commercial equipment financing. To learn more about opportunities to advance your career at Scottrade, visit careers.scottrade.com.
To apply you will be required to set up a candidate account, this account will keep you informed of your application status.
Steps to create an account:
If you created an account on or after July 12, 2016, Sign In with your email address and password. If you do not have an account, click Create Account or created one prior to July 12, 2016, click Forgot Password.
Enter your email address
Enter a password. Passwords must contain at least 8 characters, including
At least 1 upper case and one lower case letterAt least 1 numeric digit At least one special character (!, @, #, $, etc.)
If you have any technical questions please contact email@example.com. Thank you!