Us Citizen
Green Card
Corp-Corp
Consulting/Contract
UG :- - Not Required
PG :- - Not Required
No of position :- ( 1 )
Post :- 1st Feb 2022
JD:
Automation - Writing python scripts to manage Fortify and CheckMarx administration/reporting tasks using Rest API
Integration - Integrating AppSec tools with SDLC process/Build pipelines like Jenkins, Flow, Concourse , TeamCity
Integrating viper services with whitesource to publish its results in fortify.
Optimization - Making configuration changes to fortify code Analyzer to better support scanning different languages.
Creating templates/policy by analyzing dataset and results using fortify workbench, making configuration changes in fortify to implement new templates to reduce false positives.
POC – Doing proof of concepts with multiple products (ShiftLeft, GitHub Advanced Security, NetSparker, Rapid7) to replace our existing scanning tools.
User Administration on Fortify, CheckMarx , Whitesource security tools
Handling viper token requests and onboarding activities on all SAST/DAST tools.
Onboarding meetings with project owner/principle to understand application architecture and find right solutions(SAST/DAST)
Taking care of all requests/Queries come through email, Slack channels.
Working on Ad-hoc tasks assigned to me as stories in Pivotal Tracker
Performing routine health check of all our AppSec tools and viper Architecture.
Monitoring Scan Servers(Unix/Windows) for any errors/issues and performances.
Investigating the reason for scan failures, working with developers to fix issues.
Monitoring source code payload differences in fortify, check for any incorrect/duplicate tokens used by different projects and work with developers to fix