The USAID Cybersecurity for Critical Infrastructure in Ukraine Activity is seeking an experienced Application Security Engineer to join its project office. As an Application Security Engineer, you will work as a part of our security engineering team and you will collaborate with other IT professionals to ensure that user data is protected. The Application Security Engineer will ensure that applications and services of an organization are secured and implemented with best security practices, in addition to providing technical leadership and guidance to the application security team. The Application Security Engineer may also manage the application security program, defines standards, policies, and procedures, and coordinate with engineering teams to implement and maintain integrated applications. The role will also entail support in establishing standard practices and policies for a new Cyber Center, as well as developing organizational, training, and technical plan, utilizing skills pertaining to application security engineering and other key considerations in this technical area.
Duties and Responsibilities:
- Developing and maintaining software application security policies and procedures
- Providing technical leadership, guidance, and direction to the application security team
- Developing and maintaining documentation of application security controls
- Implementing software application security controls
- Designing technical solutions to address security weaknesses
- Analyzing system services, spotting issues in code, networks and applications
- Following security best practices in performing tasks
Qualifications and Experience:
- Bachelor’s degree in computer science or related discipline and at least 3 years of experience working on programs of similar technical scope.
- Deep understanding of web application security threats, exploits, and prevention
- Knowledge and understanding of systems and/or network design principles and thorough understanding of security principles and technical architectures
- Proven ability to correlate and analyze log information, packet captures, security alerts, and artifacts
- Experience working with web applications and browser security; security assessments and penetration testing; identity and access control; applied cryptography and security protocols; security information and event monitoring and intrusion detection.
- Strong written and verbal communication skills, and the ability to communicate effectively to all levels of staff.
- Demonstrated ability to work as a member of a team and strong interest in professional growth.
- Critical thinking and problem-solving abilities
- Proven ability to work under tight deadlines with minimal supervision.
- Excellent interpersonal skills and proven ability to manage multiple tasks simultaneously.
- Fluency of Ukrainian; knowledge of English and Russian.
Qualified candidates should send their CV and cover letter to [email protected] and submit both CVs and cover letters in English. Only short-listed candidates will receive notice requesting additional information.