Careers
Winmill Software seeks bright, goal-oriented, professionals for full-time positions. Winmill offers a generous salary structure and a comprehensive benefits package (including medical/dental) to qualified applicants.
Sales Operations Assistant
View More View LessCompany: Winmill
Location: Remote (Available on Eastern Standard Time)
Job Description
WinMill Software is actively seeking a Sales Operations Assistant. This position requires that the applicant be detail-oriented, possess excellent written and verbal communications skills, maintain time management skills, and effective customer service skills.
All work to be performed remotely. Employee may live anywhere in the US but will be required to be available and productive during Eastern Standard Time.
WinMill Software is a technology Services Company headquartered in New York City. Founded in 1994, WinMill has multiple practices including Application Development, Cyber Security, Cloud Services, and Data Center Services. WinMill also has several specialty practices, such as Project & Portfolio Management (PPM) and Identity and Access Management (IAM). We are in rapid expansion mode. We are looking for top people to help support and direct our growth.
Job Responsibilities
- Complete the administrative needs of the sales department including:
- Deal Processing
- Quoting
- Follow up with partners/vendors/clients
- Executive summaries
- Communicate with clients using clear and professional language
- Respond to sales inquiries via phone and e-mail under the direction of the account executive team
- Resolve any sales related issues with customers and vendors
- Work with outside marketing partners
- Track key dates for the team such as certification deadlines, renewal deadlines, and other key dates.
Job Requirements
- High School Graduate and/or Associates Degree. Bachelor’s Degree is a plus
- At least one year experience in operations or as an executive assistant
- Excellent verbal and written communication skills
Application Security Engineer
View More View LessCompany: Winmill
Location: Remote (Available on Eastern Standard Time)
Job Description
Winmill Software is actively seeking a full-time Application Security Engineer. The candidate will perform application security assessments using leading market tools, and be able to read, vet and triage results. The ideal candidate will have a background in application development and can work with developers to remediate vulnerabilities. The candidate must understand Secure DevOps and be able to design and build ALM architectures that support static scanning, dynamic scanning, risk correlation and remediation management. The candidate must be an enthusiastic problem solver with excellent communication skills, must be able to work independently and directly with clients, and must be committed to establishing and teaching best practices for Application Security and Secure DevOps.
Job Responsibilities
- Design and build secure development operations (Secure DevOps) architectures for clients as part of a continuous integration process.
- Perform static and dynamic application vulnerability assessments using multiple tools.
- Evaluation scan results, parse out false positives, correlate results from multiple tools, triage results and provide recommendations for remediation.
- Perform actual code remediation in one more of the following.
- Train clients on Secure DevOps best practices, as well as how to use various tools.
- Help to build out Secure DevOps architectures in WinMill sandboxes; train WinMill staff on best practices
Job Requirements
- Bachelor’s degree in computer information systems, or equivalent.
- At least three (3) years’ experience in software development using one or more of the following: javascript, node.js, java, C, C#, .NET, PHP, Python, Ruby.
- Ability to identify vulnerabilities in applications written in these languages.
- Knowledge and ability to assess web and non-web applications.
- Knowledge of secure coding methodologies including OWASP Secure SDLC, MS-SDLC.
- At least two (2) years’ experience with dynamic security testing tools such as Acunetix, BurpSuite, HP Webinspect, Veracode and ZAProxy.
- At least two (2) years’ experience with static testing tools such as CheckMarx, HP Fortify Static Code Analyzer and Veracode. Knowledge of CI/CD tools such as Artifactory, git, Chef, CircleCI, Consul, Jenkins, Microsoft TFS.
- Knowledge of secure methodologies and programming concepts including cryptography, authentication models and standards, secure libraries, and methods to evaluate their applicability to business and development problems.
- Preferred: knowledge of AWS environments and development within them, including CloudFormation.
- Experience, knowledge and presence to teach and train developers on secure coding and development techniques.
- Proficiency in written and spoken English.
- Ability to present findings and summaries of issues to senior management.
- Proactive and self-motivated, including willingness to reach out to development teams and stakeholders to discuss issues and identify areas needing assistance.
- Authorized to work in the US for any employer.
































