| |
Hello, We are looking for HP Fortify Resource. Location: Bellevue, WA Duration: Long Term Description: - Scrum with co located application and infrastructure teams in Bitbucket to review code and work through security challenges.
- Pair program with developers to remedy key issues
- Document and continuously refine security best practices and standards.
- Develop deep understanding of our business and technology and recommend changes in process.
- Partner with members of the Security org to work with leadership to provide status and reporting on the state of security across the entire application, infrastructure and corporate technical stack Perform and analyze Static Code Scans using Fortify to identify exposure to common security vulnerabilities.
- Analyze scan results from Fortify SCA and communicating remediating findings to with technical teams
- Aide development teams in the identification of false positives found in static code analysis
- Threat model existing and future applications.
- Create frameworks that allow our teams to find flaws before they are introduced into production environments.
- Provide monthly, quarterly and ad hoc reporting for trending, risk assessment, compliance, and active exception reporting of projects
- Maintain and implement enterprise security policies, standards, procedures and guidelines
- Have 2 years of experience as a security engineer in a production environment
- Have working knowledge of software build pipelines and tools like GitHub, Jenkins, Artifactory, etc.
- You have experience at least two languages of comfort, such as Ruby, Bash, Java, Python, Perl, or Go Working knowledge of TCP IP, ICMP, SSH, LDAP, DNS, and other low level Linux cli command and utilities
- Experience with HP Fortify, HP Web Inspect, and or HP Software Security Center SSC .
- Strong knowledge of application security weaknesses and vulnerabilities, remediation and mitigation techniques, and secure coding practices
Qualifications - Bachelor s Degree in Computer Science or similar field Minimum of 5 years of experience with application development and SDLC
- Minimum of 3 years of experience with application and information security CISSP certification in good standing
- Comprehensive understanding of common Application Security Vulnerabilities OWASP Top 10 SANS Top 25 CWEs
Thanks & Regards
Sujatha N
HCL Global Systems, Inc
Phone: 248 473 0720 #179
Email Id: sujatha@hclglobal.com | | | |
| |
To unsubscribe from future emails or to update your email preferences click here .
