Skip to Main Content

Secure Software Engineer

Volpe Information Techology Group, Inc.
Baltimore, MD
  • Posted: over a month ago
  • $70,000 to $95,000 Yearly
  • Full-Time
  • Benefits: life insurance, medical, vision, 401k, dental,
Job Description

Required Skills:

  • 2+ years of software development experience with any one of the object oriented programming languages like Java, Ruby, C#.
  • Git and Linux/Unix Commands.
  • Knowledge and understanding of Secure Code practices.
  • Perform code review and audit application source code scans for security vulnerabilities, and identify True Positives and False Positives.
  • Providing guidance to development community for resolving the vulnerabilities. Should be able to interact on daily basis with development community on the security issues of their applications.
  • Understanding of source code vulnerabilities such as Cross-Site Scripting, SQL Injection, Heap Inspection, DOM Injection, SSRF (Server-Side Request Forgery), XSRF (Cross-Site Request Forgery) etc.
  • Should be able to research on third party library vulnerable and non-vulnerable packages from different sources like NIST, OWASP and provide upgrade guidance on recent non-vulnerable components.
  • Understanding of Jenkins Pipeline.
  • Understanding of relational databases and experience in writing SQL queries.

Required Education:

  • Bachelor Degree at a minimal is required to be considered for this position.

Tools: Checkmarx, blackduck, Nexus IQ, Blackduck, Eclipse, SQL Server Management Studio

Desired but not required:

  • Ability to take a product through the entire lifecycle of analysis, design, coding, testing and implementation and support.
  • Experienced with implementing all aspects of an application design – high performance design, coding, caching mechanisms, security, encryption, state management, error logging, debugging, scalability, code reviews, development environment configuration, and testing.
  • Experienced with performing unit and system level testing on web applications.
  • Proven track record of designing scalable, web based distributed software applications
  • Experience developing software in the government sector (a plus).

· Experience or knowledge of Jenkins, Cloud, and Maven

· Experience with collaboration tools such as SharePoint

· Experience with integrating SCA code scanning into the build process

· Code scanning experience - Manual/Automated/Static/Dynamic

· Experience/exposure in major programming languages such as JAVA EE, .NET,

COBOL, ColdFusion, etc.

Volpe Information Techology Group, Inc.

Address

Baltimore, MD
USA

Industry

Technology

View all jobs at Volpe Information Techology Group, Inc.

What email should the hiring manager reach you at?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.