*Hello Partners.* *Please check the JD and Share your consultant resumes to email: ra...@lor-venk.com <ra...@lor-venk.com> / ph- 804-554-1121.*
*1) Job Title: Lead Application Security Engineer* *Location: Washington, DC* *Duration: 9 months* *Job Category: IT* *Industry: Healthcare* *Responsibilities:* *1. **Provide subject matter expertise on secure coding practices and security design based on current knowledge of security threats and vulnerabilities that could impact the technology stack.* *2. **Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application and data to align with application security maturity model and adopt a shift-left approach for security.* *3. **Evaluate various application security tools including SAST, DAST, SCA, IAST, and Pen Testing and operationalize security tools for integration with CI/CD.* *4. **Perform application testing and review security test results from scans and penetration testing to identify viable vulnerabilities that may be exploited and propose remediation solutions or mitigation controls.* *5. **Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments.* *6. **Perform threat modeling, conduct security architecture reviews and provide training to architects and developers to enhance adoption of secure coding practice within the product development lifecycle.* *7. **Provide security related coaching and expertise to drive and elevate security expertise within the development teams.* *8. **Lead security innovation and best practices in product development through collaboration and learning from industry professionals and consortiums* *Qualifications and Education Requirements:* *1. **Bachelor’s Degree in Information Technology or the equivalent combination of education, training or experience* *2. **8 years or more experience in the field of cybersecurity and application security* *3. **Expert knowledge in security best practices, principles and common security frameworks such as OWASP, NIST and HIPAA* *4. **Experience in software development including Java/ Python and scripting languages* *5. **Knowledge of secure architecture and design patterns for Web, Mobile and Microservices* *6. **Knowledge of current and emerging threats and techniques for exploiting security vulnerabilities* *7. **Experience securing cloud infrastructure and applications* *8. **Experience with methodologies and security testing tools for threat analysis of complex applications and services including threat modeling, software fuzzing, static and dynamic analysis and penetration testing.* *9. **Advanced organizational, planning and time management skills* *10. **Advanced communication, presentation and analytical skills* *11. **Desired: CISSP, CISM or other related Information Security certifications* *Best Regards,Rahul* *Technical recruiter* Main: 804-552-3456 X 101 | Direct: 804-554-1121 - 919-689-5606 Email: ra...@lor-venk.com <chan...@lor-venk.com> Linked-in: https://www.linkedin.com/in/rahul-teja-0595a9158 Lorvenk Technologies | 11409 Dublin Road, Glenn Allen, VA 23060 <https://maps.google.com/?q=11409+Dublin+Road,+Glenn+Allen,+VA%0D%0A23060&entry=gmail&source=g> . http://www.lor-venk.com -- You received this message because you are subscribed to the Google Groups "Resumes" group. To unsubscribe from this group and stop receiving emails from it, send an email to resumes+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/resumes/CAPRwY0Z97TARk77rurefkOZaRaBgZ%3Dw8DcivqPX%2B56E7z%2B%2B7Ow%40mail.gmail.com.