Support and advise DevOps teams in the design of secure software
Recommend and deploy tooling to manage security in the delivery pipeline as well as production systems.
Perform security verification of applications by doing code reviews and manual /automated penetration testing to identify vulnerabilities and provide mitigation recommendations
Hands-on experience with CI/CD tools such as Azure DevOps & Jenkins'
Familiarity with configuration management tools such as Chef and Azure Resource Manager (ARM)
Experience with multiple Application Security Tools (SAST, DAST, SCA) and the integration into the SDLC via CI Automation and Integration.
Experience with modern source code management and software repository systems e.g. Visual Studio, Git/GitHub, etc.
Application Security Testing
Expert knowledge in one or more SAST and/or DAST Solutions
Hands on experience in doing security code reviews and penetration testing against web applications
Application Security Design & Architecture
Experience with securing applications specifically for Cloud hosting environments e.g. Azure, AWS
Knowledge of Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures
Familiarity with threat modeling and security design review methodologies.
Deep understanding of the fundamentals of security at multiple layers of abstraction, from operating systems to applications
Annex Consulting Group is a full-service IT and management consulting firm, specializing in staff augmentation contracting, permanent staffing, and outsourced solutions. Candidates must be legally entitled to work in location advertised.
Not interested but know someone who is a fit for this role? Check out the award-winning Annex Referral Program .
Leaders in IT. Advisors in Business. Partners in Solutions.