Job Description:
Position title: Secure Code Tester
Location: Washington, DC
Duration: 12 months+

Background:
The client is seeking one Application Penetration Tester/Secure Code Scanner contractor for the selected implementation at SBPASC. This individual will be primarily working on solutions for the Cyber Security Program, implementing the interactive application security testing (IAST) tool.

The candidate should be a Subject Matter Expert (SME) in quality assurance testing of code and must understand how to use cyber threat data effectively to generate signatures and alerts, and how to use other technologies to detect and react to new threats.

Tasks:
- Scoping, sizing, and provisioning of installation environment with future scaling potential.
- Work with internal stakeholders to build scope environments required for testing.
- Implement and configure selected code scanning tool.
- Collaborate with developers across the organization to integrate security testing into every aspect of the SDLC.
- Conduct testing of the tool in selected pilot environment.
- Conduct operational vulnerability testing of applications before initial deployment and as they are subsequently updated. Identify the vulnerabilities that give malicious actors access to important content or systems.
- Contribute to the development of the implementation plan for 2018.

Required Qualifications:
Must possess extensive knowledge of secure coding, information security concepts, network, system, and application vulnerability exploitation techniques, and security system defense concepts. Should have a demonstrated ability to work effectively with Information Security tools in a large, complex, multi-platform environment. Must have experience with static application security testing (SAST) and dynamic application security testing (DAST). IAST experience a plus.
Expertise in secure coding techniques, quality assurance testing, and IT security principles in general. Experience with the Software Development Life Cycle (SDLC). Must know how to find and exploit an application vulnerability as well as preventative practices, especially in a Java and web-based application environment. Mobile application is a plus.

Skills:

- Good understanding of secure coding techniques and IT security principles in general.
- Very strong verbal and written communication skills (Critical).
- Strong customer service skills with internal and external customers.
- Must be able to perform assigned tasks with minimum supervision.
- Strong analytical and documentation skills.
- Strong requirements elicitation, specification, and validation knowledge and experience.
- Excellent time management ability.
- Self-starter with ability to work independently and flexibly, and collaboratively across all levels of associates. Excellent listening and empathy skills, with strong ability to develop consensus and buy-in.
- Ability to provide creative thinking, problem solving, and structure in designing the desired architectural data encryption state.
- Highly motivated, positive attitude with ability to work under pressure and balance multiple priorities.
- Established credential(s) in industry recognized methodologies and standard bodies of knowledge in data encryption with demonstrated experience having implemented those in a live environment.
- Health Care Industry experience will be a plus.
- Problem solving skills.
- Strong verbal and written skills to interact with global teams and customers.

Software & Tools:

- DAST, SAST, or IAST tools
- Microsoft Office Suite
- SRTS/Service Manager
- SharePoint


Client: Federal

             
