Static Code Analyst

eSolutionsFirst, LLC
Fairfax County, VA
Nov 21, 2020
Nov 23, 2020
Full Time
Job DescriptionStatic Code Analyst Technical Must Haves Experience with Fortify - Specifically, with AWB, SSC, and SCA. JAVA - ability to work as an analyst is required, development experience preferred. Custom Filters. GitBitbucket. Ideally hands-on experience or at least familiarity with vulnerability mgmt governance and process. Soft Skill Must Haves Communication 810. Position Description Self-motivated Static Code Analyst with a focus and passion on working with application development teams to remediate software vulnerabilities and educate teams on secure coding practices. Deep understanding of OWASP Top 10 and other categories of vulnerabilities. Indepth understanding of Fortify SCA, AWB to perform secure code reviews as well as understanding of Fortify SSC and using custom filters Must be experienced in analyzing Java code and common Java development tech stacks eg Spring MVC, and Spring Boot as well as Angular, Nodejs, python Must be able to use gitBitbucket, Jenkins Must have Java development experience Understands Vulnerability manangement and Governance process Must be able to develop shell scripts using regex as well as python Ability to balance multiple SAST (Static Application Security Testing) requests at once. Must have excellent communication skills and be able to interact with multiple development teams