AppSec SAST & DAST

• Jobseeker Video Testimonials 
  
• Employee Glassdoor Reviews
  

We are an IT Solutions Integrator/Consulting Firm helping our clients hire the right professional for an exciting long term project. Here are a few details.

We are looking for a skilled professional with deep expertise in application security engineering and DevSecOps practices. The ideal candidate will have strong knowledge of secure development practices, application deployment, and security assessments. This role requires close collaboration with both development and infrastructure teams to ensure secure operations and effective threat monitoring.

• Service Level Agreement (SLA) Compliance: Ensure full compliance with SLAs defined for DevSecOps services.
  
• Application Security Engineering: Apply in-depth knowledge of security engineering principles to assist development teams in implementing secure development practices. This includes security design reviews, architecture reviews, threat modeling, security testing, secure code reviews, and secure build processes.
  
• Secure Application Operations: Maintain a thorough understanding of application deployment, configuration baselines, and secure operational environments. Manage exception handling during operations.
  
• Process Improvement: Facilitate the use of technology-based tools or methodologies to enhance the monitoring, management, and reliability of security services.
  
• Security Assessments: Conduct both manual and automated security assessments of applications to identify vulnerabilities.
  
• Issue Tracking and Resolution: Actively participate in triaging and defect tracking processes. Collaborate with development teams to prioritize and fix security issues at the code level.
  
• Team Collaboration: Act as a liaison between the application development and infrastructure teams, integrating monitoring and operations processes with secure development, testing, and management practices.
  
• Security Event Analysis: Identify, research, and analyze application security events, including new and persistent threats that could impact the client’s environment.
  
• Threat Monitoring: Perform continuous monitoring and tracking of threat actors and their tactics, techniques, and procedures (TTPs) that may pose a risk to the client organization.
  

• Strong knowledge of DevSecOps practices and service-level management.
  
• Expertise in secure development practices, including threat modeling, secure code reviews, and security testing.
  
• Experience in application deployment, secure operational environments, and exception management.
  
• Proficiency in manual and automated security assessments.
  
• Ability to collaborate across development and infrastructure teams.
  
• Proven experience in threat monitoring and analysis, including emerging threat landscapes.