Roles and Responsibilities: ・「 Run client SAST/DAST/SCA tools, review outputs and provide recommendations ・「 Implement integrations for tools into pipelines, ticketing systems, etc.
Experience Requirements: ・「 2-3 years experience working in Application Security ・「 Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azuer Dev Ops, Jenkins, Bamboo, etc.) ・「 Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
・「 Deep knowledge of manual testing tools such as Burp Suite Pro ・「 Knowledge of and experience with SAST/DAST/SCA Application Security tools. Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred ・「 Experience with the integration of tools into development pipelines ・「 Understanding of a broad range of Application Security issues as well as their mitigation strategies ・「 Understanding of Application Security related vulnerabilities ・「 Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus ・「 Written communication skills for written interactions with clients ・「 Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information ・「 Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice ・「 Bachelor's degree in Computer Science or Information Security preferred ・「 Standard industry certifications are preferred