| IT Security Auditor || Onsite Dimondale, MI at Remote, Remote, USA |
| Email: [email protected] |
| From: Prabhat, VYZEINC [email protected] Reply to: [email protected] Job Description - IT Security Auditor (Need Local with LinkedIn) Onsite (Dimondale, MI) Skype Our client is seeking an experienced IT Security Auditor with a robust background in secure application development and security analysis in Dimondale, MI. This role requires expertise in Dynamic, Static, and Software Composition Analysis, and involves close collaboration with development teams to enforce secure coding practices. The ideal candidate will be skilled in implementing security patterns and automation tools and will contribute to the organizations secure software development practices. Responsibilities: Perform Dynamic, Static, and Software Composition Analysis assessments on applications. Collaborate with front-end, back-end, and cloud-based application developers to ensure secure coding practices. Lead the implementation of security patterns and practices with orchestration and automation tools. Automate secure configuration, verification, compliance, and authorization processes. Enhance the organizations secure software development practices through effective collaboration and leadership. Qualifications: 5+ years of total IT experience. 3+ years implementing/utilizing Federal, Industry, and Open-Source Security Guidance and Secure Coding Practices (e.g., OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance). 3+ years working with compiled and interpreted languages (e.g., Angular, React, Node.js, Java, Spring Boot, IBM WebSphere, Oracle JBoss, .NET stacks). 3+ years with networking, infrastructure, secure application development, and security automation (DevSecOps). 3+ years of hands-on experience in building and deploying secure, complex distributed web and mobile applications. Experience with application security scanning tools (e.g., SAST, DAST, SCA, ASOC, Container/Cloud) and familiarity with tools like Coverity, BlackDuck, STRM, Fortify. Knowledge of HTTP Request/Response headers, Cross Site Scripting, Injection attacks, SSRF, CSRF, XML entity, API Security, JWT, OAUTH/OIDC/PKCE, web and API replay attacks, and cloud development (Azure, AWS, GCP) Keywords: javascript information technology Michigan IT Security Auditor || Onsite Dimondale, MI [email protected] |
| [email protected] View all |
| Thu Aug 22 03:15:00 UTC 2024 |