3+ years of experience with supporting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode.
3+ years of experience with Java, Python, .NET, or C#.
3+ years of experience with Burp Suite.
3+ years of experience designing and implementing enterprise-wide security controls to secure applications, systems, networks, or infrastructure services.
Experience with Eclipse, JDeveloper, including pipeline development, or Visual Studio.
Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25.
Experience with Interactive Application Security Testing (IAST) capabilities and tools.
Experience with Selenium.
Experience in writing bash scripts.
Experience with OWASP ZAP or Burp Proxy.
Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP.
Knowledge of Linux or UNIX environments, including navigating and troubleshooting basic website connectivity issues.
HS diploma or GED.
Clearance:
US Citizenship and Public Trust clearance required.