Security Engineer Specialist

Location: McLean, VA


Security Engineer Specialist

All candidates must be either a US Citizen or hold a Permanent Resident Card as well as be a direct W-2 employee to our vendors.

Self-motivated Static Code Analyst with a focus and passion on working with application development teams to remediate software vulnerabilities and educate teams on secure coding practices.
In depth understanding of performing SAST (Static Application Security Testing) using Fortify SCA/AWB to perform secure code reviews as well as understanding of Fortify SSC and using custom filters.
Deep understanding of OWASP Top 10 and other categories of vulnerabilities.
Must be experienced in analyzing Java code along with understanding of common Java development tech stacks e.g. Spring MVC, and Spring Boot.
Must be experienced in analyzing Angular, Nodejs as well as python.
Must be able to use git/Bitbucket, Jenkins.
Must have Java development experience and be able to develop shell scripts (regex, python).
Must have good understanding of Software Composition Analysis (SCA) and FOSS.
Experience in Dynamic Application Security Testing (DAST) is desirable.
Understands Vulnerability Management and Governance process.
Ability to balance multiple SAST requests at once.
Must have excellent communication skills and be able to interact with multiple development teams.