• The candidate must be able to utilize various tools (commercial and open source) to prepare and compare code for review.
• The skills to gather relevant information; including environmental characterization, threat identification, vulnerability identification and control analysis.
• The skills to prioritize risk responses including control recommendation and documentation
• He or she must also be able to effectively document the findings of the source code evaluation.
• Candidates will be required to witness and understand source code builds into application and installation procedures.
• Experience with development and maintenance of coding standards.
• Detail-oriented and focused.
• 3 years of software development experience.
• Experience with web-based application development
• 2 years’ experience with J2EE (servlet/JSP) or ASP.NET (c#)
• Experience with relational databases from an application development perspective
• Knowledge of application security vulnerabilities such as the OWASP Top 10
• Ability to handle difficult situations and to provide alternative solutions or workarounds
• Flexible and creative in helping to find acceptable solutions
• Good customer interfacing skills.
• Strong detail orientation.
• Ability to work on multiple projects at once.