AppSec Architect

VDart Inc is the leading global provider of digital solutions, products and talent management company providing digital technology solutions in Automotive, Manufacturing, Energy & Utilities and Healthcare Industries. Led by a strong global team located across 10 countries including USA, Canada, Mexico, Brazil, UK, Japan, Australia & India. We are currently accepting applications from staffing firms for our Preferred Partner Program, where we align niche staffing firms with specific verticals based on their strengths. To apply, please visit: ;/p> AppSec Architect Atlanta, GA Contract JOB DESCRIPTION

• Conduct application security testing to comply with corporate policies, and regulatory requirements. Coordinate and execute application security tests, communicate the results to relevant stakeholders, and help application developers understand how to fix code security issues.

• Conduct thorough application security penetration tests
• Work effectively with a cross-functional team to plan, execute, and communicate findings from application security testing
• Work with application owners to improve their knowledge and practical application of information security best practices, including but not limited to threat assessment, vulnerability prevention and secure coding practices.
• Partner with DevOps team to ensure application security tools such as SAST and DAST are performing well and generating accurate testing results.
• Flexibility to change direction and manage conflicting demands.

• 10 years progressive Information Technology experience or equivalent specialized skills with 6+ years of application security experience.
• Experience in running & administrating static analysis (SAST) and dynamic analysis (DAST) tools and processes.
• Experience in conducting and training application penetration testing
• Experience in Cloud Security.
• Experience and strong understanding of DevSecOps processes, tools, and integrations.

• Strong knowledge and ability to work with DevOps teams on the processes and integrations.
• Strong web application security knowledge with thorough understanding of web, mobile, and API testing
• Knowledge of application security architecture and ability to perform risk assessments on identified applications.
• Knowledge of DevSecOps processes and ability to work with the concerned stakeholders to deliver the results for security integrations in DevOps.
• Development background in .Net, Java, and/or Python a plus
• Strong knowledge of Security Standards, frameworks, and groups (OWASP, WASC, OSSTMM)
• Knowledge of the software development lifecycle under agile environment in a large enterprise
• Knowledge of database, application, and Web server design
• Knowledge of current and emerging security technologies, threats, and techniques for exploiting security vulnerabilities
• Knowledge of public cloud services

• Bachelor's degree in Computer Science, Information Technology or equivalent
• Advanced degree preferred
• Certifications including GWAPT, GWEB, GPEN, OSCP, CSSLP, CASE, or similar preferred