Beschreibung
Senior Source-Code Specialist - Huntress GroupHello,
fore one of our clients we are currently looking for a Senior Source-Code Specialist
Tasks:
• Setup and execution of tool-based (AppScan Enterprise/Source Edition) security analyses of source code
• Assessment and rating of findings
• Detection of False Positives
• Cross check of application designs.
• Assessment and rating of findings with respect of underlying business logic
• Providing a meaningful documentation containing classified findings and traffic light charts for each security code analysis
• Tracking of solving of findings within different projects.
• Consulting on the definition of processes for security code analysis
• Supporting first installation and roleout of AppScan Enterprise/Source Edition
• Consulting on libraries and frameworks used by the applications with respect to security requirements
• Consulting on components (e.g. Open Source) used by the applications with respect to security requirements
• Consulting on definition of metrics of security code analysis (setup reporting)
• Integration of metrics of security code analysis into processes
• Setup of additional security assessments
• Consulting of IT-projects to solve findings within code
• Documentation of Best Practices and FAQs at security code analysis within an internal Wiki
Requested skills:
• IBM AppScan Enterprise Edition, most recent Version
• Longtime experience with security code analysis analysis and assessment (manual and tool based)
• Longtime experience with development of secure software in recent programming languages (Java, .NET, ABAP,…)
• Longtime experience with consulting in IT-security
• Ideally certifications in IT-security (z.B. SSCP, CISSP) and security (CSSLP, CDSSE)
• Basic knowledge of "BSI Grundschutzkatalogs"
• Basic knowledge of SAMM or BSIMM
• Basic knowledge of OWASP Best Practices
• Basic knowledge of IT-architecture
• Basic knowledge of IT-security technologies
• Experience in design and development of IT-applications
• Basic knowledge on models of SW-development projects (e.g. V-Modell, SCRUM, …)
Location: Wolfsburg area
Start: Feb 2014
End: Dec 2014
If you are interested or if you know someone who could be interested, please contact me!
I am looking forward to your application
Mit freundlichen Grüßen, Kind regards,
Jonathan Basso
Consultant Germany
International contract and permanent staffing specialist
Huntress Group GmbH München
T
huntressgroup.com | LinkedIn | XING
Maximilianstrasse 35a - 80539 - München - Deutschland