Experience in Web Application Security, SSDLC and Threat Modelling with MS/BS degree in Information System management / Computer Science / Information Security or a related technical discipline
- Highly effective communicator; well-honed influencing and negotiating skills
- Success in implementing effective Secure SDLC frameworks across a large corporation.
- Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models.
- Operational knowledge of secure software development life cycle principles from training and requirements gathering to post-implementation operations support
- Well versed in web application design, penetration testing, application risk assessment and risk categorization
- Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
- Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
- Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
- MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
Qualification & Experience:
- Deep knowledge and experience in using SAST, DAST and fuzz testing tools
- Well versed (experience preferred) with driving and implementing secure development practices in to SDLC (SSDLC); ability to successfully integrate security into the developers world
Vacancy Type: Full Time
Job Location: Suwanee, GA, US
Application Deadline: N/A