Job #: 2573

Title: Security Operations Engineer – Arlington, VA

Region:

  • Other
  • Job Type:

  • Contract
  • Contract Pay Rate:
  • $75-100
    • Anywhere
    • Posted 7 months ago

    ​Responsibilities

    • Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.
    • Implement  specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.
    • Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.
    • With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
    • Support security standards, create templates and patterns to increase the efficiency and adoption of security program.

    Basic Requirements:
    • Bachelor degree with 6 years of work experience in the IT field
    • 3+ years software development experience using Java, JavaScript
    • 1+ years of exposure to the following:
    o OWASP Secure Coding Practices
    o Common software and web application security vulnerabilities
    o Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools ( e.g., Jenkins)
    o REST API design & development
    • Desire to move to security field
    Even Better If You Have
    • A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field
    • Business acumen to support the implementation of SAST or DAST or IAST across the enterprise
    • Ability to perform code reviews with minimal assistance
    • A self-starter, with a strong desire for learning new technologies and applying them to solve problems
    • Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
    • Familiarity with public cloud services a plus
    • Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype
    • Experience with Threat Analysis.
    • Experience with DevSecOps, Secure SDLC.
    • DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus
    • Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus ​

     

    Your Name*

    Your Email*

    Your Phone*

    Your Message

    Please attach your Resume*