Vacancy expired!
- Provide guidance on secure coding practices and security design based on current knowledge of security threats and vulnerabilities that could impact the technology stack
- Support definition of Secure SDLC standards to include security architecture, design and coding requirements for infrastructure, application, and data to align with application security maturity model and adopt a shift-left approach for security.
- Work independently with various application security tools including SAST, DAST, SCA, IAST, and Pen Testing and operationalize security tools for integration with CI/CD.
- Explains and interprets the vulnerability report results to development staff.
- Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments.
- Perform vulnerability replication, threat modeling, and triage findings to improve the application security posture and have right controls.
- Provide security related coaching and expertise to drive and elevate security expertise within the development teams
- Work on security Tools day-to-day administration and automation using scripting.
- Bachelor’s Degree in IT related or the equivalent combination of education, training, or experience
- 3-4 years of experience in the field of cybersecurity pen-testing and application security
- Solid knowledge in security best practices, principles and commonly used security frameworks such as OWASP, NIST and HIPAA
- Hands-on experience in software coding in Java/Python/ .Net/scripting languages
- Knowledge of secure architecture and design patterns for Web, Application and Microservices
- Knowledge of current and emerging threats and techniques for exploiting security vulnerabilities
- Solid experience/exposure to securing cloud, cloud native application infrastructure and applications. Creating custom automation scripts and reports
- Strong organizational, planning and time management skills, ability to work in fast paced environment. Ability to learn new technologies.
- Strong communication, presentation, and analytical skills
- Nice to have: CISSP, CISM or other related Information Security certifications
- ID: #43825644
- State: District of Columbia Washington 20024 Washington USA
- City: Washington
- Salary: Up to $47
- Job type: Contract
- Showed: 2022-07-04
- Deadline: 2022-08-30
- Category: Et cetera