Hi,
I hope you are doing great!!!
Kindly go through the job description and let me know your thoughts…
Role: IT Security Auditor
Location: Lansing, MI-Hybrid
Required Skills:
- Experience with Application Security scanning tools (SAST, DAST, SCA, etc.)
- Proficiency in secure coding practices (e.g., OWASP Top 10)
- Strong understanding of HTTP request/response headers for web and RESTful APIs
- Knowledge of API security, JWT, OAuth/OIDC/PKCE
- Familiarity with cross-site scripting, injection attacks, and other common vulnerabilities
- Experience with cloud development (Azure, AWS, GCP)
- Proficient in both compiled and interpreted languages (e.g., Angular, React, Node.js, Java, .NET)
- 5+ years of IT experience, with at least 3+ years focused on secure application development
- Experience with security automation and DevSecOps practices
Desired Skills:
- Experience with security tools like Coverity, BlackDuck, STRM, Fortify
- Understanding of container security
- Familiarity with federal, industry, and open-source security guidelines
- Hands-on experience with building and deploying secure distributed web and mobile applications
Pre-Screening Questions:
- Please describe actual experience with tools in the following categories (SAST, SCA, ASOC, DAST).
- How do you work with teams to enable security within applications?
- Please describe how you would show a team member the details of an attack using tools, traces, OWASP Top 10.
- Please describe a time when you assisted a team or developer with remediating a vulnerability or weakness. Describe testing, coding changes suggested and the result.
All information provided should be directly from the candidate. Please do NOT use AI/ChatGPT, etc. when submitting your answers.