Us Citizen
Green Card
Corp-Corp
Consulting/Contract
UG :- - Not Required
PG :- - Not Required
No of position :- ( 1 )
Post :- 26th Nov 2020
Role : Security Engineer Consultant - Application Vulnerability Resolution
Location : Hoffman Estates, IL, Meriden, CT , Alpharetta, GA, St. Louis, MO, Dallas, TX, Bothell, WA , Middletown, NJ .
Duration : 12+ Months
Client : Tech Mahindra (GC or USC)
Job Description :
Experience working as a Professional Security Engineer/Consultant.
• 7+ years of expertise in leading Application Security development.
• 5+ years of experience in discovering, analyzing, and implement secure code to fix Common Application Vulnerability with Java/J2EE programming technologies.
• 3+ years experience on create Agile craft stories and provide resolution/path forward to remediate them. Individual must be able to review CVE’s/CWE's and suggest remediation path.
• 5+ Experince on Design Framework - Spring / OSGi, XML/JSON/Web Services.
• Proficient in web and/or mobile application development.
• 5+ Experience in vulnerability scanning tools, Veracode/ HCL AppScan is preferred.
• Must have experience on analyzing Static Scan and Dynamic Scan report.
• 5+ years of experience in discovering, analyzing, and exploiting application vulnerabilities and misconfigurations on IAM (Identity Access Management) systems.
• 3+ years of experience working collaboratively with other scrum teams in a cross functional environment to support delivery of IAM (Identify and Access Management) functions.
• Expertise leading application level activities in a cross functional team structure.
• Must have experience supporting complex Mission Critical applications.
• Experience on fixing Open Web Application Security Project (OWASP Top 10).
• Experience on fixing Common Weakness Enumeration vulnerabilities (CWE Top 25).
• Experience fixing application based on Publicly disclosed security vulnerabilities (CVEs) and open-source tools.
• Strong ability to align business process and requirements with a technical implementation.
• Must have analytical experience troubleshooting to investigate tickets, incidents, interruptions or bugs and isolate root cause.
Knowledge of the following tools and processes:
• Expert, hands-on knowledge working in Agile /Scrum/ SAFe delivery teams.
• Must have hands-on experience in JIRA, JIRA Align, JIRA Boards, Zephyr.
• Expert, hands-on knowledge on scanning tool Veracode/ HCL AppScan .
• Experience assigning estimates for units of work.
• Should be familiar with current and emerging technologies, tools and methodologies in the application security development.
• Understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) is preferred.
•Certifications
• Required: Minimum one (1) Security Certification like CIAM, CAMS, CompTIA Security+, CISSP.
• Required: Minimum one (1) SAFe Agile or Scrum Certification.