[Owasp-boston] 4-6 Month secure coding/Secure SDLC contractor in Newton, MA 02459
jikbal at gmail.com
Mon May 2 11:58:42 EDT 2011
The position will have to go through one of the approved staffing
vendors for the employer. If you feel you are qualified, contact me
directly and I will connect you with the vendors.
If you are a sales-person for a consulting company that is OK, too.
Just understand that the employee will HAVE TO go through an existing
staffing vendor, with whom I have no relationship.
If you are a recruiter, same rules apply. But if you don't have a
candidate ready, you will probably be wasting your time.
jikbal .at. gmail.com
This position is focused on providing application security consulting
services, including, but not limited to vendor application review,
automated and manual run-time assessments, automated and manual code
3+ years of experience focusing on Application Security in a Java,
Experience coding in at least one of the above languages
it for security issues
Experience with OWASP Top10
Knowledge of SQL
Familiarity with PCI and ISO 2700x
Knowledge of threat modeling and secure SDLC
Experience performing design and application architectural reviews and
actively and leading the discussions from a security standpoint.
Good communication in English, both oral and written (presentations,
technical reports and proposals);
General Security Certification (CISSP)
Application Security Certification (GWAS, CSSLP)
Past life as a developer
Experience working with Fortify
Perform 3rd party application review (before and after purchase)
Work with legal team to define contract language to ensure application security
Help define new application architecture or perform design review
More information about the Owasp-boston