Senior Application Security Specialist (Web And Mobile Application Security)

NTT Data Corporation San Francisco , CA 94118

Posted 2 months ago

Req ID: 90812

At NTT DATA Services, we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees are key factors in our company's growth, market presence and our ability to help our clients stay a step ahead of the competition. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA Services and for the people who work here.

NTT DATA Services currently seeks a Senior Application Security Specialist (Web and Mobile application security) to join our team in San Francisco, California (US-CA), United States (US).

Job Duties and Responsibilities:

  • NTT Data is seeking a Senior Application Systems Engineer to support web and mobile application security for its Digital platforms.

  • In this role, resource will work with software development partners to identify and mitigate security vulnerabilities in application code.

  • As a member of the secure coding team, the position will be responsible for on both the definition and execution of controls within the software development lifecycle.

  • The role will conduct static analysis, JavaScript code reviews and engineer proactive quality gates.

  • Communication with the line of business, enterprise security, and software engineering partners are critical to the success of this role.

  • The position will also develop new engineering processes, metrics and reporting to inform senior management on the state application security.

  • Provide application security consulting to software engineering

  • Perform static analysis and code reviews of JavaScript

  • Perform root cause analysis on vulnerabilities

Basic Qualifications:

  • 3+ years of SAST (Static Analysis Software Testing) experience
  • 3+ years of JavaScript development experience
  • 5+ years of information security experience
  • 5+ years of Java experience
  • 3 years year application security vulnerability detection and mitigation experience with Open Web Application Security Project (OWASP) Top 10 and SANS Common Weakness Enumeration Top 25
  • 3+ years of Fortify Code Analyzer experience


  • Bachelor's degree required; any field is fine, preferred is Computer Science.

This position is only available to those interested in direct staff employment opportunities with NTT DATA, Inc. or its subsidiaries. Please note, 1099 or corp-2-corp contractors or the equivalent will NOT be considered. We offer a full comprehensive benefits package that starts from your first day of employment.

About NTT DATA Services

NTT DATA Services partners with clients to navigate and simplify the modern complexities of business and technology, delivering the insights, solutions and outcomes that matter most. We deliver tangible business results by combining deep industry expertise with applied innovations in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services.

NTT DATA Services, headquartered in Plano, Texas, is a division of NTT DATA Corporation, a top 10 global business and IT services provider with 118,000+ professionals in more than 50 countries, and NTT Group, a partner to 88 percent of the Fortune 100. Visit to learn more.

NTT DATA, Inc. (the "Company") is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Systems Architect 5 Cyber Application Security

Wells Fargo

Posted 1 week ago

VIEW JOBS 7/1/2020 12:00:00 AM 2020-09-29T00:00 Job Description Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as "Personal Cell" or "Cellular" in the contact information of your application. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers. KEY JOB RESPONSIBILITIES (ESSENTIAL POSITION FUNCTIONS): As part of Information and Cyber Security (ICS), Information Security Architecture (ISA) enables Wells Fargo business units to achieve their objectives and to make informed decisions that balance risk with reward, by providing actionable security strategies, architectures and solutions. ISA is seeking a talented information security professional who will collaborate with Wells Fargo technology groups to enhance the application security domain. Successful candidate will: * Contribute to the application security architecture domain * Collaborate with security architects aligned with other security architecture domains, lines of businesses, ICS partners and internal customers on application security related initiatives, projects, and new technology development to identify risks and recommend mitigating controls. * Other locations within the Wells Fargo footprint may be considered if talent is unavailable in the listed cities/states.* IMPORTANT - Before submitting your resume, please note it is required to be at or above the year's minimum listed in the "required" qualifications section of the posting. Please double check your resume before applying, list how you qualify under each employer making sure there are dates to reflect how you meet each required skill listed in that section. If we can't confirm, we are unable to move you forward. Required Qualifications * 7+ years of information technology systems design and planning experience; in systems, applications, or architecture * 5+ years of information security experience * 3+ years of experience securing container solutions * 3+ years of experience with secure DevOps and deployment automation to cloud environments * 3+ years of Application Security experience Desired Qualifications * Experience influencing management on technical or business solutions * Experience with a wide application of technical principles, practices, and procedures to multiple applications or a component family * Excellent verbal, written, and interpersonal communication skills * Ability to interact with all levels of an organization * Web Services experience * Ability to influence across all organizational levels, particularly senior management * Knowledge and understanding of cryptography and key management * Knowledge and understanding of SOA (Services Oriented Architecture) * Knowledge and understanding of technology testing: dynamic application or software assessments (web application penetration testing, web application vulnerability testing) * 3+ years of RESTful or SOAP web services * Knowledge and understanding of Cloud computing, PaaS design principles and micro services and containers Other Desired Qualifications * Experience with different application architectures and designs - n-tier, event driven, asynchronous, domain driven, capability based, and Single-Page Applications and frameworks , etc. * Experience with secure app design & deployment patterns * Experience securing web services / API * Web Application Firewalls * Runtime Application Self Protection * API Gateway technologies * Knowledge and understanding of secure & resilient application design, threat modeling and assigning counter measures. * Proactive and defensive system monitoring and threat protection * Windows, Linux, Mac and UNIX operating systems * Knowledge and understanding of information security policy framework" to apply to broad set of categories. * Experience in secure application development with one or more programming languages (Java, .NET, Python, C/C++, C#, COBOL, etc.), scripting languages (JavaScript/JScript, ASP/JSP, Perl, etc.), runtime platforms and frameworks (JEE, .NET, LAMP, etc.), distributed protocols (XML, SOAP, DCOM, RMI, etc.), and their unique security vulnerabilities. * Familiarity with securing connections to database platforms such as Oracle, SQL Server, MySQL, DB2 * Familiarity with cloud and virtualization technologies * Familiarity with OWASP, NIST, ISO, PCI DSS, CLASP, CVE, WASC, and such standards * Security certifications such as CISSP, CSSLP, ISSAP Job Expectations * Ability to travel up to 5% of the time Street Address AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ CA-SF-Financial District: 333 Market St - San Francisco, CA IA-West Des Moines: 800 S Jordan Creek Pkwy - West Des Moines, IA IL-Chicago: 10 S Wacker Drive - Chicago, IL MA-Boston: 125 High Street - Boston, MA MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN MN-Minneapolis: 600 S 4th St - Minneapolis, MN MN-Minneapolis: 425 E Hennepin Ave - Minneapolis, MN MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC TX-DAL-Downtown Dallas: 1445 Ross Ave - Dallas, TX NY-New York: 150 E 42nd St - New York, NY PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo San Francisco CA

Senior Application Security Specialist (Web And Mobile Application Security)

NTT Data Corporation