DevSecOPS Engineer

Hi,

Hope you Are Doing Well!!

 

Position: DevSecOPS Engineer

Location: Rancho Cucamonga, CA


Mandatory Skills:

 

  • Client will focus on running security tools on -premises applications, working with development team to implement Devsecops in CI/CD pipeline, etc.

Who are we looking for?

  • Looking for application and security analyst with minimum of total 3+ years of experience in conducting application and security tests against variety of technologies including web application, cloud, mobile and infrastructure as part of a team. Should be able to serve as a trusted advisor in helping customers with relevant decisions based on the findings of the reports and dashboards.



Technical Skills:

  • Conduct application and security assessment and penetration tests against variety of technologies including web application, mobile, cloud, as part of a team
  • 3+ years of working experience of Static and Dynamic Application Security Testing of web applications, web services, APIs and microservices including on cloud
  • Working experience and good understanding of application development, SDLC process and DevSecOps
  • Good knowledge of Static & Dynamic Application Security Testing tools
  • Good information security threat & risk-based prioritization abilities
  • Should be very strong on running security tools on -premises applications, working with development team to implement devsecops in CI/CD pipeline, etc
  • Analyze vulnerability reports, segregate & prioritize the vulnerabilities, and do impact analysis, risk assessment, and identify false positives
  • Good foundation of common software vulnerabilities and their remediation/ mitigation techniques
  • Assist with determining and defining appropriate testing scope
  • Work collaboratively with a variety of internal stakeholders to deliver high quality penetrations tests
  • Provide reports which highlight and clearly articulate vulnerabilities and weakness to clients in terms they understand
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading security assurance services to our internal clients
  • Maintain a relevant skill with which to conduct penetration testing in the following domains:
  • Infrastructure
  • Application
  • Mobile (iOS, Android)
  • Code review
  • Work independently or as part of a team on penetration tests
  • Work with global team and external entities to deliver Security Assurance services
  • Analyze and review security issues identified
  • Supplement automated assessment techniques with manual security assessment approaches
  • Communicate security issues identified and mitigation/remediation options
  • Should be able to articulate technical concepts in plain words to non-technical community
  • Provide regular assessment progress updates that include sufficient detail to convey work completed and upcoming activities
  • Research new and emerging threats, counter controls, and technologies on various platforms
  • Pentesting skills and experience in application/infrastructure/mobile
  • Understanding of the security mechanisms associated with applications, Operating systems, Networks, Databases, Virtualization, and cloud technologies



Should be well versed with the following:


  • TLS transparency log analysis
  • Scheduled web application penetration testing
  • Application Manual & automated testing
  • External penetration testing
  • Multi-factor authentication (MFA) assessment
  • Vulnerability management program enhancements
  • Programming /scripting skills
  • Experience working with NIST, OWASP, MITRECWE, MITRE ATT&CK etc.
  • CREST/OSCP/SANS or equivalent pentesting certification
  • Tools experience in security assessment tools (e.g. NESSUS, NMAP, BurpSuite,ZAP,OWASP tools, Kali Linux tools)
  • Experience in Automating Security tests using scripting languages (e.g., Python, Perl, Ruby)
  • Good Written & Verbal Communication Skills


Presentation Skills

  • Define and assist in the creation of operational and executive security reports and dashboards




Regards,


Javed Shaikh

VBeyond Corporation

IT Recruiter

Desk # +1-862-339-4170 | +1- 854-400-4169

E: Mohammadj1@vbeyond.com | www.vbeyond.com

390 Am well Road, Suite # 107, Hillsborough, NJ 08844


 

.........................

Disclaimer:

We respect your Online Privacy. This is not unsolicited mail. Under Bill S 1618 Title III passed by the 105th US Congress this mail cannot be considered Spam as long as we include contact information and a method to be removed from our mailing list. If you are not interested in receiving our e-mails, then please reply to (Mohammadj1@vbeyond.com) subject=Remove. Also mention all the e-mail addresses to be removed which might be diverting the e-mails to you. We are sorry for the inconvenience.



Comments

Popular Posts