Posted today
Secret
Unspecified
Unspecified
IT - Security
Alexandria, VA (On-Site/Office)
Job Details
The Application Security Engineer will perform the following:
Minimum Qualifications
Other Job Specific Skills
#CJPost
Job Requirements:
The Application Security Engineer will perform the following:
- *Defines, maintains, and enforces application security best practices
*Conduct vulnerability assessment and manual/automated code reviews
*Demonstrate vulnerabilities to application owners and provide mitigation recommendations
*Proficient in any SAST, DAST, and OSA tools.
*In depth knowledge with any programming language like Java, .NET, C#, etc.
* Performs and conducts penetration tests and manual/automated code reviews.
*Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
*In depth Knowledge of Secure Coding best practices and OWASP top 10, SANS 25, CVE, etc.
*Identify AppSec related tools/conduct tool analysis, and provide recommendations - Vulnerability Management Specialist will have at least five years of working knowledge and hands-on experience with five or more of the following tools: BurpSuite, SonarQube, OWASP/Maven, Fortify, Tenable, STIG Viewer, AWS Security Hub, AWS Inspector, ePO, ServiceNow, Jira, ADO, eMASS or equivalent GRC Tools.
Minimum Qualifications
- Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline and a minimum of 5 years of working knowledge and hands-on equivalent relevant experience.
- Candidates must have a Security+ certification or similar
- Candidates must have an active secret security clearance.
- Position requires on-site work in Alexandria VA 2-3 days/week.
Other Job Specific Skills
- Working knowledge and hands-on experience with the following:
- BurpSuite
- SonarQube
- OWASP/Maven
- Fortify, Tenable
- STIG Viewer
- AWS Security Hub
- AWS Inspector
- ePO, ServiceNow
- Jira
- ADO
- eMASS or equivalent GRC Tools
#CJPost
Job Requirements:
- *Defines, maintains, and enforces application security best practices
*Conduct vulnerability assessment and manual/automated code reviews
*Demonstrate vulnerabilities to application owners and provide mitigation recommendations
*Proficient in any SAST, DAST, and OSA tools.
*In depth knowledge with any programming language like Java, .NET, C#, etc.
* Performs and conducts penetration tests and manual/automated code reviews.
*Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
*In depth Knowledge of Secure Coding best practices and OWASP top 10, SANS 25, CVE, etc.
*Identify AppSec related tools/conduct tool analysis, and provide recommendations
group id: 10238000
N
