Sr Application Security Advisor

Overview

Hybrid
Depends on Experience
Contract - Independent
Contract - W2
Contract - 12 Month(s)

Skills

SASt
DAST
Application Security

Job Details

Job Title: Sr Application Security Advisor
Location: Reston VA (Hybrid Role)
Responsibilities:
  • Provide guidance and act as security advisors to Application development team, Application Security Engineers and Analysts.
  • Assist in the support of systems and tools supported by Secure Software development & Application Security
  • Integrate with development squads to identify and remediate vulnerabilities.
  • Review and interpret vulnerability scan results.
  • Provide guidance on fixing common security issues such as SQL injection and cross-site scripting.
  • Review static analysis results and provide secure practices guidance to development teams related to software
  • security defects and assisting them with remediation
  • Familiarity with SAST, DAST, IAST tools.
  • Strong communication skills to convey security risks and solution to development teams.
  • Triage findings from application security tools and provide actionable feedback to development teams.
  • Experience in one or more of the following languages (Java/Python)
  • Solid experience in AWS core services.
Requirements:
  • Coding Experience: Strong background in Java and/or Python.
  • Security Knowledge: Understanding of application security principles and common vulnerabilities.
  • Communication Skills: Ability to effectively communicate technical concepts and remediation steps to developers.
  • Cloud Basics: Familiarity with AWS, Microsoft Azure, or similar platforms (detailed hands-on experience is not required).
  • Tools: Experience with various scanning tools for static and dynamic analysis (specific tools not required as the process is similar across tools).
  • CI/CD Pipelines: Basic understanding of CI/CD pipelines and automated vulnerability scanning.
Preferred Qualifications
  • Experience in application security, particularly in reviewing and fixing vulnerabilities.
  • Knowledge of security best practices and secure coding standards.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.