*Note: Please Share your consultant updated profile
to hari.pra...@eaglenetworksolutions.com


Hope you are doing well,

Please find the below requirement and if you are comfortable and interested
please send your updated profile along with below details ASAP to move
forward with submission process.

*Job Title: Software Engineer II*

*Location: Reston, VA*

*Duration: 6 -12 Months*

*Visa Status: H1B, GC, US Citizens(NO OPT or CPT Visa Please)*

*Job Description:**

To participate in the implementation of software security processes, tools,
and technical solutions in order to improve the quality and security of
College Board products. The Software Engineer will be deeply involved in
security-driven assessments of College Board products utilizing automated
and manual techniques.

•           Evaluate new and existing security standards, tools and

•           Participate in documenting processes and technologies that
support secure software development practices.

•           Participate in maintaining a security API used by College Board

•           Support developers in the areas of secure coding practices,
vulnerability assessments, and remediation.

•           Stay current with emerging software security technologies,
industry trends, and attack vectors, with a primary focus on internal
reference architecture and security standards.

•           Operate and customize code scanning and review tools.

•           Participate in secure code reviews of College Board

•           Participate in security incident response.

•           Work with IT Groups to define, develop, socialize and execute
long-term application security roadmap, including:

•           Conduct in-house code reviews, static analysis and dynamic
analysis on software products.

•           Conduct manual and automated security testing of College Board

•           Perform day-to-day operations of static analysis tool and IDE
plug-in support.

•           Assist with the remediation of security vulnerabilities found
via code scanning and manual inspection and penetration testing.

•           Help review static analysis tool findings with product teams
and other IT stakeholders; participate in manual code inspections.

•           Review dynamic analysis tool findings and identify sources of
problems with product teams and other IT stakeholders.

•           Maintain common security API used by College Board software

*Required Skills:**


Bachelor’s Degree in a related field plus additional related college
courses or professional training. Four to seven years of progressively
responsible directly-related experience.

*Related Skills & Other Requirements:*

•           Strong and evolving competence in several programming languages
and technologies, mastery of one or more tools sets, technologies and
implementation environments.

•           Advanced knowledge of programming languages, relational
database management systems, networking technology, multiple desk operating
systems and multiple server operating systems.

•           Understanding of modern software engineering principles and

•           Strong customer service orientation.

•           Strong problem solving and analytic skills.

•           Must have strong knowledge in one or more of the following: *HTML,
JavaScript, DOM, AJAX, CSS/CSS2, XML, XHTML, DHTML, etc.*

•           Experience writing *automated unit tests.*

•           Must have adequate knowledge of *J2EE and/or .NET technologies.*

•           Knowledge of *Cross-Site Scripting (XSS), HTTP Request
Smuggling, SQL Injection, RFI (Remote-File Inclusion), LFI (Local-File
Inclusion), CSRF (Cross-Site Request Forgery), Response Splitting, OWASP
Top 10 and other attack vectors a plus.*

•           Knowledge of *OWASP Web Security Certification Criteria, OWASP
testing guidelines and PCI Data Security Standards is a plus.*

•           Experience with one or more of the following tools *nmap,
wikto, nessus, whisker, crowbar, Paros, suru, Wireshark, TCPDump, ISS is a

•           Experience with one or more of the following web app
scanners - *IBM
AppScan (WatchFire), HP Web Inspect (SPIDynamics), Cenzic, Web Scarab is a

•           Experience in *performing code reviews.*

•           Strong interest in *IT Security *with a passion to solve

•           Knowledge of* TCP/IP, HTTP/S and other protocols*.

•           Any knowledge of one or more of the following is a plus but not
required -- *Python, Ruby, PHP or other scripting languages.*

•           Willingness to learn and try new things as well as extremely
good research skills

•           Reverse engineering experience using one or more of the
following tools -- *(IDA, Olly, and SoftIce) is a plus.*

•           Experience with *protocol analysis, forensic analysis is a

•           Experience* installing, configuring and maintaining continuous
integration (CI) environment(s) using tools such as Cruise Control, Cruise
Control.NET, Hudson, Bamboo, Gauntlet, in a test driven development (TDD)
process is a plus.*

•           Experience with one or more of the following static analysis
tools are highly desired: *Ounce Labs, Fortify, Klocwork, Prefix/Postfix,
FindBugs, FxCop, and PMD*.

•           Additional certifications such as CISSP, ENCE, CCE, GCFA, GCIA,
GCIH, CHFI and/or QSA are highly desired.

•           Ability to travel when required.


Bachelor’s Degree in a related field plus additional related college
courses or professional training.

*Thanks and Regards*

*Hari Prasad*

*Eagle Network Solutions INC*

*E-Mail: hari.pra...@eaglenetworksolutions.com
*www.eaglenetworksolutions.com <http://www.eaglenetworksolutions.com/>*

You received this message because you are subscribed to the Google Groups 
"OracleD2K" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to oracled2k+unsubscr...@googlegroups.com.
To post to this group, send email to oracled2k@googlegroups.com.
Visit this group at https://groups.google.com/group/oracled2k.
For more options, visit https://groups.google.com/d/optout.

Reply via email to