Applications Security Analyst – SAST (Static Application Security Testing)

Job Overview
Our client in the Elizabeth area of NJ has an excellent opportunity for an Applications Security Analyst – SAST (Static Application Security Testing)!

Responsibilities:

  • Partners with developers and business owners from applicable technical teams to conduct application security assessments. The individual will work closely with technical teams to analyze the potential impacts and pitfalls associated with threats and vulnerabilities, based on software coding patterns, and will advise the various technical teams on options to mitigate them.
  • This position will be reporting to the Manager of Application Security.
  • Reviews code for security vulnerabilities and practices dangerous to security and privacy.
  • Writes custom rules on automated source code scanning tools.
  • Designs cloud- and virtualization-based technologies, e.g. Amazon Web Services (AWS), VMware and Docker.
  • Builds security into infrastructure and architecture designs and guides the implementation with the operations team.
  • Scripts (Python, Perl, Ruby) and builds automation tools on an ad hoc basis.
  • Creates and delivers knowledge sharing presentations and documentation to developers and operations teams.
  • Learns on the job and explores new technologies with little supervision.
  • Writes reports including recommendations, root cause analysis, security summary analysis, and project roadmaps.

Requirements:

  • Bachelor’s degree in computer science.
  • Requires a minimum of 4 years of technical work experience reading code in the following languages: Java, JavaScript, Objective-C, C++, C#, Python, Perl, etc., and preferably developing web applications (or a Master’s degree and 2 years of technical work experience reading code and preferably developing web applications).
  • Additional licensing, certifications, registrations: SANS Certifications; Programming Certifications.
  • Common vulnerabilities in the OWASP top 10 list.
  • Protocols/technologies such as: SOA, HTTP, SSL, LDAP, JDBC, Servlet/JSP, SQL, HTML, XML.
  • Java Application and Java Application Server administration/tuning.
  • Amazon Web Services (AWS) and/or VMware vCloud and/or Docker.
  • Ability to program in one of the following programming languages: Java, C#, C, C++.
  • Ability to understand software design algorithms.
  • Ability to write scripts in languages such as Python, BASH, or PowerShell for automation.
  • Ability to read and debug code.
  • Must have excellent verbal, written and interpersonal communication skills.