Cyber Security

at Talentmovers Inc
Published March 11, 2023
Location Plano, TX
Category Default  
Job Type Full-time  

Description

Job Description

Hands on Experience/ Primary Duties: 

  • Cyber Threat modeling and risk assessment
  • Cybersecurity requirements definition, code review, design guidance for development teams
  • Cybersecurity testing to include pen testing and formal verification efforts where needed
  • Deliver secure code review assessment on programming languages such as Java, C#, PHP, Python, Perl, C/C++ , SQL, >
  • Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques
  • Train and assist developers in writing secure software and remediating existing vulnerabilities
  • Develop and review custom vulnerability description, business impact and remediation content
  • Develop, research and recommend open-source tools assisting in secure code review
  • Contribute to development and delivery of secure coding and remediation training
  • Mentor and assist team members in effectively delivering assessments and enhancing skillsets
  • Recommend best practices to integrate and automate application security testing in SDLC

Basic Qualifications:

  • 3+ years of experience in application security including secure code review, web application penetration testing or threat modelling
  • 2+ years of experience in secure code review / static application security testing
  • Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code
  • Ability to explain risk and business impact of security vulnerabilities in source code to variety of audience
  • Bachelor's Degree in Computer Science/ Engineering or equivalent with GPA of 3.0 or higher

Preferred Qualifications:

  • Experience in detecting, analyzing, and providing recommendation guidance on security vulnerabilities in at least two of the following languages: Java, C#, PHP, Python, Perl, C/C++ , SQL, >
  • Hands-on experience conducting security focused static analysis using commercial SAST tools such as Checkmarx, Appscan Source, Veracode, Coverity, Fortify and SonarQube
  • Experience in software development in at least one server-side programming language
  • Experience in integrating static application security tools

- provided by Dice