Job Description :
MUST BE A GC, US CITIZEN (NO H4 EAD), GC EAD

LOCATION:
Florham park, NJ,
Woonsocket, Rhode Island
Phoenix, Arizona
Chicago, IL

Our health care Client is looking for a Full Stack Security Engineer who is passionate about designing and building secure plan computable working with both front end and back-end application developer, as well as in building, automating and securing on-premises as well as Cloud based applications, preferably on the Google Cloud Platform(GCP

The Selected candidate will be working with a strong team to help transform the way systems are built. Secured, authorized and securely operated for continuous compliance and risk mitigation. Specifically, this candidate will help LEAD efforts to implement security patterns with orchestration and automation tools that automate the secure configuration, verification, compliance and authorization of systems. They will be a key member of a team tasked with maturing the organization’s software development and security practices.

SKILLS REQUIRED:
· 7-10 YEARS OF PREVIOUS RELATED EXPEREINCE.
· Experience implementing utilizing Federal, Industry and Open Source Security Guidance and Secure Coding Practices (OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance, Safe Code etc
· Experience working with Agile methodology and phase-based delivery methods.
· Hands on experience with both compiled and interpreted languages such as Angular, Road, Node.is, Java, Spring Boot, IBM WebSphere App Server, Oracle JBoss.NET stacks
· Knowledge of and experience with networking, infrastructure, secure application development and security automation (DevSecOps
· Hands on knowledge building and deploying secure complex distributed web and mobile applications.
· Passionate about following best practices, including testing, security, and configuration management.
· Experience working with Security Compliance Frameworks (IS0 27001, NIST, PCl-DSS, HIPAA, Sarbanes-Oxley, SSAE16, SOC2)
· Experience with wooing with SAST and DAST tools like Data Theorem, Checkmarx, Nexus IQ, Veracode and or Qualys Web Application Scans
· Work collaboratively in a fast-moving, startup like setting.
· Provide guidance to the respective applications teams an how to remediate Pen Test, DAST, SAST Web Application and Mobile Application scan findings
· Automate security validation testing against on-premises and cloud based platforms.
· Work with Global Security office to translate traditional data center security controls and guidelines into cloud centric controls.
· Follow and instruct other on version control processes.
· Develop solutions to strengthen the security in and around applications.
· Analyze Industry specific requirements/technologies and provide Insight.
· Work with appropriate parties to raise issues and work toward resolution.

Preferred Qualification
· Experience with both front and backend software development.
· Experience with Continuous Integration / Continuous Deployment strategies and tools.
· Experience with cloud infrastructure and services such as Google Cloud Platform, Amazon Web Services (AWS) and/or Microsoft Azure
· Experience with Decker/Kubernetes and micro-seduces architecture.
· Experience applying application and service security patterns and practices.
· Experience utilizing Security teeing tools (scanned, static and dynamic coda analysis)
· Familiarity with Unix, Linux and Windows operating systems and application platforms.
· Excellent Interpersonal and communication skills.
· Logical approach and excellent problem-solving skills.
· Eagerness to team new technologies.
· Must be able to work well both in a team environment and independently.
· Must possess exceptional attention to detail.
· Comfort transferring previous development experience to to new technologies as they mature