Security Engineer (Ref# SE57KPV)

Information Data Systems Inc.
Troy, United States of America
26 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Troy, United States of America

Tech stack

JIRA
Information Systems
Databases
Computer Engineering
Data Systems
Database Servers
Fortify (Software)
Secure Coding
Software Security
Veracode
Information Technology
Checkmarx
Qualys
ServiceNow
Static Application Security Testing
Vulnerability Analysis
Dynamic Application Security Testing

Job description

Job Duties: Responsible for the end-to-end security vulnerability life cycle, including identification, assessment, prioritization, and remediation tracking. Conduct regular vulnerability scans and analyze the results to address security risks and remediation techniques. Perform security scanning of business-critical database servers for authentication security flaws. Work closely with the database team on remediation plans. Conduct infrastructure and application security vulnerability assessments and false positive analysis for both dynamic and static scans of applications and devices. Perform secure code reviews and eliminate false positives through manual verification and interaction with App Dev teams on the remediation plan. Assist the teams in implementing security solutions and remediating critical vulnerabilities while minimizing business impact. Introduce an integration process for web-based applications that runs automated security scans on all code check-ins. Provide remediation for security vulnerabilities and take a dynamic approach to technical security safeguards that protect information systems. Integrate the SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) results, prioritize the vulnerabilities, and calculate the risk grade for the applications. Explore new vulnerabilities and provide support to the development teams for zero-day vulnerabilities. Responsible for zero-day vulnerabilities and for reporting on the impact and benefits for the organization. Analyze implementations and whether they improve the security and performance of the application. Participate in the assignment, resolution, and tracking of defects reported by application stakeholders during various test cycles. Research emerging threats and security advisories to strengthen proactive defense measures. Use of Qualys, Checkmarx, Core Impact, Tenable, Veracode, Archer, ServiceNow, JIRA, and Fortify.

Requirements

Master's degree or foreign academic equivalent in Computer Science, Computer Engineering, Information Technology, Information Systems, or a related field. Plus 2 years of experience in the job offered or a related occupation. Position requires 2 years of experience with vulnerability scans, SAST, DAST, Qualys, and JIRA. 40hrs/week.
