Sr. Security Engineer at Horizontal Talent in Atlanta, Georgia

Job Description:

Our client is seeking a seasoned Sr. Security Engineer to join their dynamic team. The successful candidate will have a comprehensive understanding of all aspects of Cybersecurity and will apply their technical application security testing expertise to assist in identifying application vulnerabilities.

Key Responsibilities:

- Conduct Static Application Security Test (SAST), Dynamic Application Security Test (DAST), and Source Code Analysis (SCA) using VeraCode

- Correlate findings from tools such as VeraCode Source Code Agent to identify the presence of vulnerable methods in code

- Research open-source community contributors and NIST NVD to understand residual risk and recommend a course of action

- Determine how frequently and quickly fixes should be delivered for open-source findings

- Review SCA reports to track new and changes to SCA components in the environment

- Work within the DevSecOps model to secure Containers, within ROSA, Tekton, and OpenShift pipelines

- Design, develop, plan, implement, and maintain Cloud DevSecOps processes across multiple technical organizations

- Provide operational support for container security tools (Palo Alto Prisma, Aqua, Wiz, or equivalent)

- Perform Baseline Image validation of new container template images

- Evaluate scan results for container runtime environments to reduce security risk

- Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend and apply secure coding practices

Qualifications:

- B.S. degree in Computer Science, Computer Engineering, Information Assurance, or related field

- Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development, or related field

- Hands-on experience working with Cloud and/or DevSecOps related technologies

- Excellent understanding of DevSecOps techniques and processes

- Experience building and supporting applications in the Cloud (AWS, Azure, GCP)

- Experience engineering software within an Amazon Web Services (AWS) cloud infrastructure

- Extensive knowledge of the OWASP Top 10

- Experience with vulnerability risk and impact assessment

- Excellent written and verbal communication skills

- Strong sense of urgency and ownership

Preferred:

- Extensive experience in application security and ethical hacking

- Extensive experience exploiting web, mobile, and application security vulnerabilities

- Extensive experience in software development

- Professional certifications such as AWS practitioner, cloud security certification for AWS, and CISSP

Join our client's team and contribute to a culture that values diversity, equity, and inclusion. Apply today to be a part of a team that is committed to creating a safe and secure digital environment.