Overview
Remote
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 6 Month(s)
Skills
DevSecOps
Python
Ruby
Go
Java
OWASP
Checkmarx
Fortify)
DAST (e.g.
Burp Suite
OWASP ZAP)
and SCA (e.g.
Snyk
WhiteSource
Jenkins
GitHub Actions
GitLab CI) and infrastructure as code tools (e.g.
Terraform
Ansible
Job Details
- 12+ years of software engineering experience with a focus on security automation or application security.
- Proficiency in Python, Ruby, Go, Java, or similar programming languages.
- Strong understanding of application security principles, vulnerabilities (e.g., OWASP Top Ten), and remediation techniques.
- Hands-on experience implementing and configuring security scanning tools such as SAST (e.g., Checkmarx, Fortify), DAST (e.g., Burp Suite, OWASP ZAP), and SCA (e.g., Snyk, WhiteSource).
- Familiarity with CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI) and infrastructure as code tools (e.g., Terraform, Ansible) is a plus.
- Solid understanding of software development lifecycle (SDLC) processes and how to integrate security automation seamlessly.
- Excellent problem-solving skills and ability to work independently and as part of a team.
Preferred
- Experience with cloud-native security automation (e.g., in AWS, Azure, or Google Cloud Platform environments).
- Familiarity with container security (e.g., Docker, Kubernetes) and related security scanning solutions.
- Knowledge of threat modeling and security risk assessments.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.