


Hello Guys,
 

Sr. Security Engineer
Long-Term Contract
Atlanta, GA
onsite Hybrid





Qualifications:

  • B.S. degree in Computer Science, Computer Engineering, Information Assurance or related field 
  • Minimum 5 years of professional experience in application security, penetration testing, security assessment, secure software development or related field
  • Experience with vulnerability risk and impact assessment
  • Experience integrating security capabilities in cloud and application lifecycle management platforms especially in a DevOps model
  • Extensive knowledge of the OWASP Top 10
  • Extensive knowledge of the secure development lifecycle
  • Extensive knowledge of static analysis tools and flaw triage, such as HP Fortify, IBM Rational, Veracode or Coverity, FindBugs, FindSecurityBugs, Brakeman, and open source scanning tools such as Sonatype CLM
  • Extensive knowledge of dynamic scanners like WebInspect, Qualys or Veracode
  • Extensive knowledge of vulnerability scanners like Qualys and Tenable
  • Excellent written and verbal communication skills
  • Strong sense of urgency and ownership


Responsibilities:

  • Identify weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data
  • Ensure security requirements are implemented within various stages of the system development lifecycle process; work closely with development teams to pen test new features within internally developed applications
  • Validate and address vulnerability / threat findings from static and dynamic analysis tools
  • Characterize threats and provide recommendations for remediation; manage remediation efforts to completion
  • Develop and present finding and remediation reports to audiences including team members from all department areas and levels of the company
  • Perform security reviews of software designs and assist developers to ensure quality and robustness of our internal products
  • Conduct security assessments against web applications and APIs across a variety of technology stacks
  • Ensure adequate security requirements and privacy by design are built into all architecture/infrastructure/projects
  • Serve as a member of the Security Incident Response team as needed
  • Integrate threat modeling practices into the application testing lifecycle
  • Impart application security and ethical hacking subject matter expertise into team processes
  • Drive improvements in the security testing practice to include execution methodology and metrics
  • Partner effectively with development and infrastructure teams to integrate security
  • Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend secure coding practices
  • Drive awareness and knowledge of security in developers
  • Effectively communicate technical issues to non-technical leaders
  • Continually improve proficiency in application and API exploitation, tools, techniques, and countermeasures
  • Conduct Dynamic Application Security Testing (DAST) using Qualys or Veracode
  • Work within the DevSecOps model to secure containers within ROSA, Tekton and OpenShift pipelines
  • Possess a knowledge of CI/CD orchestration tools such as Jenkins, GitLab, or Bamboo
 
 
 

--

Thanks and Regards

Akhilesh Pandey

Technical Recruiter

(513)270-8002

akhilesh@hamptontechinc.com

Hampton Technology Inc

6117 Kensington Trail, Middletown, Ohio 45044



