Desired Skills and Experience
- Experience designing Web/Mobile
application security testing solutions
- Desired: At least 3+ years on experience in any major
DevOps tool-chain (Veracode, Jenkins, Qualys, Fortify, SonarQube, GitHub,
Code quality tools) implementation and automation.
- At least 8 years on experience with web application, web
service implementation, infrastructure scans.
- At least 2 years of experience with SAST (Appscan/Veracode
or similar) tools Web application background is required, along with a
desire for continued learningâs for new programming languages, techniques
and related security issues.
- Familiarity with the OWASP framework and application
security best practices. Understanding of Software Security
Architecture and Design, SDLC and the ability to clearly articulate best
practices for application security
- Passion to work on newer technologies and explore the
security domain.
- Strong written and verbal communication skills.
Specific relevant experience should include writing and presenting
application security assessment reports. Candidate should have experience
making and defending sound technical arguments that incorporate relevant
technical and business considerations, and building consensus among
stakeholders.