The qualified candidate for this role should possess the following qualifications:
Minimum 7 years of hands-on experience designing and developing full-stack web apps and systems using the MERN stack that leverages modern security methods and best practices.
Demonstrable expertise with Node js and an API framework (e.g. Express, Next.js, Fastify, etc)
Excellent Knowledge of secure coding and development practices and good knowledge of remediating common vulnerabilities and exploit techniques.
Experience with API security, container security, cloud policy, configuration, and security management tools.
Solid understanding of Secure SDLC (SSDLC), CI/CD, and cloud security
Proficiency in SSO and cert-based authentication mechanisms
Demonstrable experience applying security best practices such as principles of least privilege and defense-in-depth
Direct and recent working experience supporting software development compliance with at least one of the following: Fedramp, HITRUST, SOC 2, ISO 27001.
Excellent English communication skills, both verbal and written.
Ability to thrive in a fast-paced environment and adapt to changes seamlessly.
Demonstrable experience owning complex projects from inception to completion, with efficiency and organization.
Thrive in cross-functional environments and effectively collaborate with a wide range of stakeholders and teams.
Nice to haves
Any of the relevant certifications such as CISSP, CCSP, OSCP
Experience with MongoDB database security best practices
Good working knowledge of FedRamp, and supporting software development compliance for applications and systems developed for the US federal government.
Experience with SalesForce security best practices
Good hands-on experience with Splunk
Good working knowledge of software development with Python.
Bachelor's degree