Minimum Qualifications and Job Requirements:
• Bachelor’s degree in Computer Science, Information Technology or related discipline or the equivalent technical training and work experience;
• Must have at least 3 - 5 years of secure infrastructure experience, preferably in security domain;
• Professional security certifications such as CISSP, GWEB, GPEN, and GWAPT, etc. are preferred;
• Must have several years’ experience working on IT projects through discovery and delivery phases throughout the SDLC;
• Knowledge of Web Application Security and Languages such as HTML, JAVA, and .NET;
• Experience working with communication protocols such as TCP/IP, X.509, SSL, TLS, and SFTP;
• Experience with Web Services /SOAP/XML/PKI/Web API/AAA/ESB and their associated security related features;
• Experience with: Web Application Firewall (WAF), Public Key Infrastructure (PKI), SOC II Type II remediation and support;
• Must have strong analytical and problem solving skills;
• Knowledge and hands-on skills with application security testing tools such as HP Fortify (SAST), Rapid7 AppSpider (DAST), Burpsuite and Zed Attack Proxy;
• Knowledge and hands-on skills with threat identification, vulnerability validation, and a thorough understanding of issues and risks documented in the 2017 OWASP Top Ten;
• Knowledge and hands-on skills with vulnerability and threat analysis discovery tools, preferably Qualys;
• Must have advanced knowledge of project life cycle methodology and procedures;
• Must have excellent verbal and written communication skills and experience developing presentations to peer groups, and associates;