Vacancy expired!
- Senior Engineers that can architect
- Code reviews/Code security
- Primarily C#, .net
- Network knowledge is a must
- Penetration Testing experience – skill set where they can perform the basic pen testing internally
- WAF – Web Application Firewall, not tool specific, just how it works and what you need to look out for, overall high level understanding
- Azure cloud experience would be nice
- 5-7+ years in application security (prefer 1-2+ prior years in development)
- Advanced written and oral communications skills with the ability give a program overview to senior level leadership and clients.
- Able to build and manage a professional development and training program for Application Security Engineers and Architects
- Technical knowledge and experience performing code reviews / reviewing results of static analysis tools (preferred)
- Foundational knowledge of NIST 800-53 and the NIST Cyber Security Framework (CSF)
- Experience building out and operating a Secure DevOps program
- Experience with working with common commercially available and Open Source Dynamic and Static Application Security Testing solutions
- Extensive enterprise development experience in Java and/or .NET languages (preferred)
- Proven understanding of enterprise architectures and best practices for high-volume, high-availability web / mobile apps
- Certified in at least one or more of the following certifications: GCIH, GPEN, OSCP, GREM, CISSP, CISA, CISM or other Incident response certifications.
- Ability to travel (less than 20%)
Vacancy expired!