National Labor Exchange Veterans Jobs

nlx logo

Search Jobs from Veteran Friendly Employers

Job Information

Kforce Senior Application Security Engineer in Hillsboro, Oregon

Kforce has a client in search of a Senior Application Security Engineer in Hillsboro, Oregon (OR).Summary:The Engineer is responsible for the maintenance, uptime & availability and scan performance of Static Code Analysis (SAST), Dynamic Web App Analysis (DAST), Component Lifecycle Management (CLM) and Mobile Application Assessment capabilities. The Engineer shall ensure proper configuration of the platforms, maintain operational processes, troubleshoot scan issues, escalate issues to the vendor, collaborate with other ASM teammates to ensure proper scan configurations & integrations. The Engineer should have a strong understanding of application security issues, such as issues identified in the OWASP Top 10 and common coding defects and be able coordinate with developers regarding findings, provide remediation guidance and completion of day to day tasks associated with maintaining the platforms.Responsibilities:

  • Maintain the day to day operations, configuration and scaling of the SAST, DAST, CLM & Mobile Automated assessments

  • Assist with the development and maintenance of automations as part of the enterprise DevSecOps model to ensure assessments are being performed regularly and data results are available for consumption by stakeholders

  • Be subject matter expert on common web application security findings such as the OWASP top 10 and provide remediation recommendations

  • Assist with false positive reports from developers for findings from the static or dynamic assessment platforms and develop false positive reduction strategies and guidance

  • Support triage and validation of security vulnerabilities detected in production and/or reported via responsible disclosure processes

  • Maintain and compose operational process documentation regarding program execution

  • Interface with other CIS organizations such as Governance, Risk, Business Information Security and Threat Intelligence

  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience

  • 5 years of IT professional experience, with previous information security experience

  • Direct experience maintaining enterprise level static & web application assessment platforms such as Microfocus Fortify & WebInspect, Veracode, WhiteHat, AppSpider, etc.

  • Intermediate to advanced knowledge of secure code development practices and OWASP Top 10 web application security issues

  • Expertise in interpreted languages (Python, JavaScript) and compiled languages (Java, .NET) with full-stack development experience and strong knowledge of software development lifecycles

  • Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP

  • Experience with data analytics with the ability to provide qualitative analysis and recommendations

  • Strong verbal and written communication skills

  • Strong attention to detail, data accuracy, and data analysis

  • Self-motivated and operates with a high sense of urgency and a high level of integrity

  • Previous experience working in large scale environments with diverse technologies

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.Compensation Type:Hours