IT Security Auditor
نُشرت في :
19-02-2024
صاحب العمل نشط
1 وظيفة شاغرة
هذا المنشور غير متاح الآن! ربما يكون قد تم شغل الوظيفة.
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
الراتب الشهري
لم يكشف
لم يتم الكشف عن الراتب
عدد الوظائف الشاغرة
1 وظيفة شاغرة
نُشرت في :
19-02-2024
الوصف الوظيفي
Overview:
TekWissen Group is a workforce management provider throughout the USA and many other countries in the world. The Client below runs through fifteen executive departments which carry out the daytoday administration of the federal government. Popular departments like Agriculture and Rural Development Civil Rights Environment Health and Human Services Natural Resources Secretary of State. This Client has opportunities in a number of career pathways including but not limited to business and administrative support education and human services IT and computers medical and healthcare natural resources law enforcement and public safety skilled trades and more. With positions in over 18 state departments your perfect career fit is waiting for you at the client. This client is an Equal Opportunity Employer.
Job Title: IT Security Auditor
Location: Dimondale MI 48821
Duration: 12 Months
Job Type: Contract
Work Type: Hybrid
Job Description
- Senior Full Stack Security Auditor who is passionate about designing and building secure platforms and applications through Dynamic Static and Software Composition Analysis assessments.
- This position is not a member of the Security Operations Center rather it is dedicated to working with software development teams on secure coding practices.
- The ideal candidate will feel comfortable working with both frontend and backend application developers as well as building automating and securing onpremises and cloudbased applications.
- Partnering with distributed teams to help transform the way systems are built secured authorized and securely operated for continuous compliance and risk mitigation.
- Specifically this candidate will help lead efforts to implement security patterns and practices with orchestration and automation tools that automate the secure configuration verification compliance and authorization of systems.
- They will be a key member of a team tasked with maturing the organizations secure software development practices
Functional Knowledge:
- Chrome/Firefox/Edge Development tools to see the request/response headers.
- Familiarity with Security scanning tools (SAST DAST SCA ASOC Container/Cloud)
- Experience with Coverity BlackDuck CodeDX Fortify a plus.
- HTTP Request/Response headers for web and Restful API calls
- Ability to explain in detail any of the OWASP top 10 vulnerabilities.
- Cross Site Scripting Injection attacks SSRF CSRF XML entity etc.
- API Security
- JWT
- OAUTH/OIDC/PKCE
- Web API replay attacks
- Highlevel understanding of containers
- Cloud development experience (Azure AWS GCP)
- Minimum of 5 years of total IT related experience.
- 3 years implementing/utilizing Federal Industry and OpenSource Security Guidance and Secure Coding Practices (OWASP Top 10 SANS CERT CWE Top 25 Critical Security Controls Cloud Security Alliance SafeCode etc.)
- 3 years with both compiled and interpreted languages such as Angular React Node.js Java Spring Boot IBM WebSphere App server Oracle JBoss .NET stacks.
- 3 years with networking infrastructure secure application development and security automation (DevSecOps).
- 3 years of handson knowledge building and deploying secure complex distributed web and mobile applications.
- United States Citizen and ability to pass a CJIS background check.
TekWissen Group is an equal opportunity employer supporting workforce diversity
نوع التوظيف
دوام كامل
المهارات المطلوبة
الإبلاغ عن هذه الوظيفة
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل.
نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا
