Need : Title || AppSAC : Application Security || Remote USA

[Snigdh Mishra]

Only H1B with PP Number

Title : AppSAC : Application  Security

Loation :  Remote

Duration:Contract

Implementation Partner:- Wipro 

Role Summary

The continuous integration or CI systems are tools that are used to auomate the build, test and deployment of apps. Some of them are Jenkins, Github, Gitlab CI, Github actions, Azure devops and Bamboo CI.

 

Mandatory Skills :

 

App Security - Code review, SAST, DAST, Checkmarx/Nexus (Need development Profile within Java) and core application security profiles

 

CI tools: Jenkins, Azure devops, Github actions, Gitlab CI

Mandatory: Jenkins and Azure devops

 

SAST and SCA tools: Checkmarx, Veracode, Fortify, Semgrep, Blackduck, Nexus IQ, Snyk, Checkmarx SCA

Mandatory: Checkmarx (Mandatoy) and Nexus IQ(Preferred)

Experience Qualifications

• 5+ years of experience SAST and SCA security tools; Checkmarx and CheckmarxOne, and Nexus IQ
• 5+ year of experience developing new queries and customizing the existing security tools queries that are not out of the box to find new vulnerabilities
• 5+ years of experience conducting end-to-end SAST and SCA analysis, using commercial application scanning tool.
• 5+ years of experience application onboarding, triaging, remediation with application teams and verifying proposed findings.
• 3+ years of recent, hands-on development experience, working with, or developing RESTful APIs in a modern, automated development environment – including a deep understanding of CI/CD.
• 3+ years, with expert-level skills, in SDLC workflow management tools like Jira, Confluence, SharePoint or similar.