Responsible for consulting with project teams to perform web application penetration tests prior to project launch
Provide code-level remediation advice on application vulnerabilities
Partner with project teams on remediation tracking and reporting, ensuring vulnerabilities are addressed in a timely manner
Perform training for development teams on application security best practices
Coach and develop secondary team members
Act as mentor to other teams regarding secure application architecture and engineering reviews
Responsible for updating secure software development guidelines and providing input to the enterprise standard
Provide assistance regarding configuration of developer static analysis tools
4+ years of information security experience
2+ years of full-time experience testing web services or APIs and web applications
Excellent skills with problem solving, debugging and troubleshooting
Strong knowledge of Internet/Web technologies, including web browsers, HTTP, XML, JSON and HTML
Experience with APIs and understanding of HTTP and REST architectures
Experience with SCRUM & Agile Development Processes (via continuous integration and testing using Jenkins or equivalents)
Experience with build and release processes and tools such as Maven or ANT (preferred)
Experience in ASP.NET MVC (preferred)
Proven ability to work in a rapid release production environment
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
Please view Equal Employment Opportunity Posters provided by OFCCP here.
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.