• Us Citizen

• Green Card

• Corp-Corp

• Consulting/Contract

• UG :- - Not Required

• PG :- - Not Required

• No of position :- ( 1 )

• Post :- 1st Feb 2022

JD:

Automation - Writing python scripts to manage Fortify and CheckMarx administration/reporting tasks using Rest API

Integration - Integrating AppSec tools with SDLC process/Build pipelines like Jenkins, Flow, Concourse , TeamCity

Integrating viper services with whitesource to publish its results in fortify.

Optimization - Making configuration changes to fortify code Analyzer to better support scanning different languages.

Creating templates/policy by analyzing dataset and results using fortify workbench, making configuration changes in fortify to implement new templates to reduce false positives.

POC – Doing proof of concepts with multiple products (ShiftLeft, GitHub Advanced Security, NetSparker, Rapid7) to replace our existing scanning tools.

User Administration on Fortify, CheckMarx , Whitesource security tools

Handling viper token requests and onboarding activities on all SAST/DAST tools.

Onboarding meetings with project owner/principle to understand application architecture and find right solutions(SAST/DAST)

Taking care of all requests/Queries  come through email, Slack channels.

Working on Ad-hoc tasks assigned to me as stories in Pivotal Tracker

Performing routine health check of all our AppSec tools and viper Architecture.

Monitoring Scan Servers(Unix/Windows) for any errors/issues and performances.

Investigating the reason for scan failures, working with developers to fix issues.

Monitoring source code payload differences in fortify, check for any incorrect/duplicate tokens used by different projects and work with developers to fix