Description

Info Security analyst senior
Location : Remote
Experience: 10+ years
Job Type: W2 C2H 
"Not open to sponsored candidates at this time" 

Must Haves: Experience with OWASP (Top 10). SAST is a must. SCA & DAST are preferred. Checkmarx & Fortify are strongly preferred, but open to comparable tools. Experience with Jenkins & Groovy. Experience with UNIX and shell scripting. Development experience with Java & JavaScript is also must
Hands on experience in conducting source code scans and triaging/dispositioning findings based on OWASP Top 10 vulnerabilities.
• Deep Knowledge and understanding of SAST/DAST/SCA tools, with particular focus on Checkmarx, and Fortify.
• Full Stack software development experience with languages such as Java & JavaScript.
• Experience with Databases and writing SQL queries for databases such as Oracle, IBM DB2, SQLServer, etc.
• Strong understanding of CI/CD architecture & organization, plugins integrations, and evaluation of tools to be used for various use cases.
• Knowledge and working experience of Groovy, and Shell scripting.
• Strong understanding and working knowledge of UNIX & Linux.
• Working knowledge of various SCM systems, such as Bitbucket, GitLab, Azure DevOps, TeamForge.
• Jenkins Server configuration and management.
• Solid understanding of and ability to provide solutions to fix application vulnerabilities.
• Knowledge of AWS components, such as EC2, S3, RDS, ELB, Lambda, CloudFormation, auto-scaling, ElastiCache, VPC.
• Hand-on experience with Docker.
• Working knowledge of various package managers such as Maven & Gradle.
• Understanding of Infrastructure as Code (IaC) and scanning IAC for vulnerabilities.

Education

Any Graduate