Application Security Tester
[atlanta, Ga, 30377], Not Specified
Employer: Saxon Global
Industry:
Salary: Competitive
Job type: Full-Time
Hi
Hope you are doing good.
We are looking for an Application Security Tester. This is a full-time position. Please check the job description and reply to me if you are available for this position.
Title: Application Security Tester
Location: Atlanta, GA (3 Days onsite)
Duration: Full Time/ Contract
Required Skills:
- B.S. degree in Computer Science, Computer Engineering, Information Assurance or related field
- Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development or related field
- Extensive knowledge of the OWASP Top 10
- Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using Veracode
- Experience with vulnerability risk and impact assessment
- Extensive knowledge of dynamic scanners like Palo Alto Prisma or Veracode
- Experience integrating security capabilities in cloud and application lifecycle management platforms especially in a DevOps model
- Extensive knowledge of the secure development lifecycle
- Extensive knowledge with static analysis tools and flaw triage such as HP Fortify, IBM Rational, Veracode or Coverity, FindBugs, FindSecurityBugs, Brakeman and Open Source scanning tools such as Sonatype CLM
- Extensive knowledge with vulnerability scanners like Qualys and Tenable
- Excellent written and verbal communication skills
- Strong sense of urgency and ownership
Preferred:
- Extensive experience in application security and ethical hacking
- Extensive experience exploiting web, mobile and application security vulnerabilities
- Extensive experience in software development
- Extensive experience integrating secure coding techniques with product teams
- Professional certifications such as CISSP, CISM, OSCP and CEH
Key Responsibilities:
- Identify weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data
- Work within the DevSecOps model to secure containers within ROSA, Tekton and OpenShift pipelines
- Possess a knowledge of CI/CD orchestration tools such as Jenkins, Tekton, GitLab, or Bamboo.
- Provide operational support for container security tools (Palo Alto Prisma, Aqua, or equivalent)
- Perform Baseline Image validation of new container template images.
- Perform Vulnerability scans on container environments. Develop, test, and maintain containerized applications security
- Troubleshoot any connectivity or operational issues.
- Ensure security requirements are implemented within various stages of the system development lifecycle process; work closely with development teams to pen test new features within internally developed applications
- Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend secure coding practices
- Validate and address vulnerability / threat findings from static and dynamic analysis tools
- Characterize threats and provide recommendations for remediation; manage remediation efforts to completion
- Develop and present findings and remediation reports to audiences including team members from all department areas and levels of the company
- Perform security reviews of software designs and assist developers to ensure quality and robustness of our internal products
- Conduct security assessments against web applications and APIs across a variety of technology stacks
- Ensure adequate security requirements and privacy by design are built into all architecture/infrastructure/projects
- Integrate threat modeling practices into the application testing lifecycle
- Impart application security and ethical hacking subject matter expertise into team processes
- Drive improvements in the security testing practice to include execution methodology and metrics
- Partner effectively with development and infrastructure teams to integrate security
- Drive awareness and knowledge of security in developers
- Effectively communicate technical issues to non-technical leaders
- Continually improve proficiency in application and API exploitation, tools, techniques, and countermeasures
Thanks and Regards,
Manish Kumar
P: 972-430-7053 Email: manish.k@saxonglobal.com
Linkedin: linkedin.com/in/manishtechie14
Suite # 660 1320 Greenway Drive, Irving, TX 75038
Website: https://saxonglobal.com/
Created: 2024-04-30
Reference: SG - 81123
Country: United States
State: Not Specified
City: [atlanta, Ga, 30377]