Job Description
Required Skills
• 8+ years of experience in Application Security & Industry Standards (OWASP, NIST)
• 8+ years of experience in Secured Software Development Life Cycle (SSDLC)
• 8+ years of experience in Threat Modelling & Risk Assessments
• 5+ years of experience in Application Scanning for Vulnerabilities (SAST, DAST)
• 8+ years of experience in Integration of Security in CI/CD Pipeline, DevOps, DevSecOps (Azure, Jenkins)
• 8+ years of experience in API Security & Access Controls (OAuth, SAML, SSO)
• 8+ years of experience in Cloud Security
• 8+ years of experience in Security Frameworks (NIST, ISO 27001, PCI-DSS, SOC 2, HIPAA, GDPR, FedRAMP, HITRUST)
• 8+ years of experience in Vulnerability Management & Penetration Testing
• 8+ years of experience in Incident Response & Security Operations
• 8+ years of experience in Security Training & Awareness
• 8+ years of experience in Agile Environment Collaboration
• 8+ years of experience in Project Management
• 8+ years of experience in Cross-Functional Team Collaboration
• 8+ years of experience in Client Engagement & Communication
• 8+ years of experience with Operating Systems: Windows Server, Apache, Microsoft IIS, Windows, Linux, VMware, Citrix
• 8+ years of experience with Technology Stack: ASP, .NET, Visual Basic.NET, Visual Basic, ColdFusion, JavaScript, HTML, C++, C#, MS PowerApps, Python, PowerShell, Shell Scripting, Selenium
• 8+ years of experience with Security Tools - Must Have: Veracode, IBM AppScan, SD Elements, Burp Suite
• 8+ years of experience with Security Tools - Plus to Have: Checkmarx, Fortify, Prowler, SonarQube, Snyk, Wireshark, OWASP ZAP, Rapid7, STRIDE
Objective:
• Evaluate application vulnerability scan reports
• Document application vulnerabilities found in scan reports and define vulnerability mitigation SLAs
• Assess if the application vulnerabilities found in scan reports are within the Agency Risk Appetite
• Communicate and report application vulnerability findings to Business Owner(s) and IT Heads
• Develop application vulnerability mitigation strategy and mitigation controls to make the applications secure within the agency infrastructure environment
• Evaluate mitigated application vulnerabilities with development teams to perform security accreditation for production deployment
• Enforce the Risk Acceptance Letter for applications seeking production deployment with unmitigated application vulnerabilities, requiring approval from Business Owner(s), IT Head and CISO
Job Tags
Remote work