| Quick Interview For Application Security Analyst Dallas, TX (Hybrid) (Local) at Dallas, Texas, USA |
| Email: [email protected] |
| From: Akash Kumar, Sonitalent Corp [email protected] Reply to: [email protected] Hi Hope you are doing well, We are looking for Application Security Analyst. Please let me know if you are looking for this role and send me your updated resume also Job Title: Application Security Analyst Location: Dallas, TX (Hybrid) (Local) Duration of project: 12 months+ Required visa: Any visa (Except H1B and CPT) Need local consultant only Candidate should have experience in Web Application Security Testing and Vulnerability Assessment. Knowledge of SAST, DAST, and IAST is required. Responsibilities: Provide technical security risk oversight of DSO Assurance processes. Review and approval of security vulnerability acceptance requests. Ensure adherence to security requirements and vulnerability remediation SLAs. Active participation in recurring security and vulnerability oversight meetings Assist with daily DevSecOps Security Assurance operational and enforcement processes for our current suite of security automation tools. Provide support to IT teams for enhancing security and protection controls in relation to security automation, CI/CD, DevSecOps, and vulnerability remediation. Participate in DevSecOps Security Assurance projects and initiatives as assigned. Qualifications Extensive experience working with widely used security automation technologies such as: Static Application Security Testing (SAST) Software Composition Analysis (SCA) Open-Source software vulnerabilities Dynamic Application Security Testing (DAST) Interactive Application Security Testing (IAST) Container and image security scanning API security scanning Practical experience analyzing vulnerability data to understand and communicate risks, concerns and outcomes of decisions. Experience with CI/CD pipeline tools and technologies such as Bamboo, Jenkins, GitHub, GitHub Actions, Artifactory, Nexus, Docker, Kubernetes, Ansible, or Terraform, and Atlassian Suite (Jira, Confluence, Bitbucket) Working knowledge of OWASP Top 10, SANS Top 25, NIST/NVD (National Vulnerability Database), CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), technical security vulnerability remediation/mitigation, and security risk oversight Strong, demonstrated analysis and problem-solving, communication, interpersonal skills. Professional security certification in good standing such as ISC2 CISSP, ISC2 Certified Secure Software Lifecycle Professional (CSSLP), GIAC Security Essentials Certification (GSEC), or CompTIA Security+ Recent software engineering experience is a plus. Experience with scripting languages such as PowerShell, Python, Bash, or Postman is a plus. Thanks & Regards -- Akash Kumar Technical Recruiter, Sonitalent Corp Direct:8596593266 || https://www.linkedin.com/in/akash-kumar-151a8025a/ [email protected] 5404 Merribrook Lane, Prospect, KY, USA. Keywords: continuous integration continuous deployment information technology Kentucky Texas |
| [email protected] View all |
| Sat Feb 03 04:55:00 UTC 2024 |