Listing Description
Roles & Responsibilities:
- Review and design application security controls and cloud security architectures.
- Conduct manual secure code reviews and assessments for web, non-web, and cloud applications.
- Interact with developers to gather source code details, conduct code reviews, and provide remediation assistance.
- Document vulnerabilities and assist with mitigation.
- Validate fixes on reported vulnerabilities.
- Coordinate with local and onsite teams, including vendor consultants.
- Provide regular status updates on tasks and deliverables.
Qualifications:
- A bachelor’s degree in computer science or a related discipline is preferred.
- 4-5 years of experience in secure coding and code reviews.
- Proficient in identifying OWASP Top 10 vulnerabilities and SANS Top 25 programming errors.
- Strong knowledge of secure coding principles in Java, Angular/Node.js, JavaScript, Python, Ruby, etc.
- Familiar with security frameworks (OWASP, SANS CWE) and secure coding practices.
- Experience with web stack technologies (HTTP, HTML5, AJAX, REST) and platforms (Tomcat, .NET, MS SQL).
- Skilled in creating custom proof of concept application exploits using various scripting languages.
- Understanding of authentication and authorization mechanisms across web technologies and protocols (SSL/TLS, REST, OAuth, SAML).
- Knowledge of DevSecOps and cloud/container infrastructures.
- At least 4 years of development experience with 3+ years in secure code review and application security.
- Excellent communication and organizational skills.
- Relevant certifications (CSSLP, GSSP-Java, CSP) are a plus.
Listing Details
- Salary: $150000 - $170000
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelor’s Degree
- Travel: No Travel
- Telework: Full Telecommute