Candidates MUST have strong development background, Java, React and Node as well as extensive understanding of validating developed applications security tools are optimized for current and future needs.
Experience with X-Ray, HCL Opensource Analyzer and SAST Scanning tools (SonarCube, Veracode etc.) highly preferred.
PREFERRED QUALIFICATIONS: • X-Ray, HCL Opensource Analyzer • SAST Scanning Tools such as Veracode, SonarCube or HCL Appscan • Experience using Agile, Waterfall, or hybrid methodology
Primary Responsibilities: • Ensuring security tools related to in house developed applications are optimized for current and future needs. Primarily this will involve working with vendor support, modification of configurations within tools, and providing documentation necessary to describe maintenance activities. • Assist with setting security direction for DevOps. Primarily this will involve participation in committees, groups discussions, and providing input to leadership presentations on secure development. There is likely research work that will be completed as part of this activity. • Mentoring and training other security team members and development teams. Primarily this will be via short demo’s and work sessions with security team and developer groups. • Assist with resolution to security vulnerabilities. Primarily this will be working with development team to identify false positives, providing recommendations for remediation of actual vulnerabilities, and providing recommendations on risk to security leadership. • Provide coding assistance on security developed tools. Primarily this will be light coding and scripting needed to support tools that specifically assist with optimizing the partnership between security and development teams. • Propose, create and update in house developed applications and scripts to support the security team needs that drive efficiency and enhance user experience.