Job Description
Core Duties / Responsibilities:
Conduct remediation validations against prior findings
Conduct manual code reviews
Conduct static code analysis
Distinguish false positives from true positives
Development experience in multiple languages
Consult with developers and architects on secure development
Work with application teams to communicate vulnerabilities, provide remediation guidance, demonstrate issues and work with developers to remediate and mitigate risks
Work on and track tasks via ticketing system
Familiar with AWS and other cloud technologies
Stay up to date on application security attack vectors and risks
Requirements/Skills/Qualifications:
Experience in multiple areas of Information Security
Extensive experience in web application security testing
Extensive experience in application security
Extensive experience in performing secure code reviews (both automated and manual)
Familiar with OWASP Top 10
Familiar with development methodologies
Experience with one or more programming languages
Ability to automate repeatable tasks
Strong verbal and written communication skills
Need:
Development experience
Experience working in large enterprises
Familiarity or experience with CI/CD pipelines and Agile methodologies
One or more of the following certifications (or similar): GPEN, GWAPT, GWEB, OSCP, CISSP, eCPPT, etc.
Familiarity with tools such as Veracode, Checkmarx, Fortify, Burp, IBM AppScan, and BlackDuck
Any Graduate