Senior Vulnerability Code Analyst

We are looking for a Senior Vulnerability Code Analyst specializing in Ruby on Rails. The role involves performing vulnerability code analysis on platforms, ensuring secure coding practices, and supporting vulnerability management. Technical Skills: Coding Languages: Proficiency in Ruby programming language. Familiarity with PHP, Bash, PowerShell, or Python. Code Analysis Tools: Expertise with static and dynamic code analysis tools such as Fortify, Checkmarx, Veracode, SonarQube, and Burp Suite. Familiarity with fuzzing tools and techniques. Security Technologies and Concepts: Expert knowledge of common cybersecurity vulnerabilities and attack vectors (e.g., OWASP Top Ten, CWE/SANS Top 25). Understanding of secure coding practices and the software development life cycle (SDLC) security. Vulnerability Management: Experience with threat modeling and risk assessment methodologies. Experience managing vulnerability remediation processes and collaborating with development teams to address issues. B. Certifications: The following certifications are preferred: Offensive Security Certified Professional (OSCP) GIAC Web Application Penetration Tester (GWAPT) Certified Secure Software Lifecycle Professional (CSSLP) Experience and Technical Skills: Five years’ experience in the following areas: IT security, with a focus on designing and implementing security architectures for cloud environments. Proficiency with AWS Cloud Platform and cloud security best practices. Experience with security technologies such as firewalls, VPNs, IDS/IPS, WAFs, SIEM, and endpoint security solutions. Knowledge of encryption, Amazon Cognito, AWS Security Hub, Amazon GuardDuty, and Amazon Inspector. Familiarity with industry standards and regulations such as NIST, HIPAA, and SOC 2, as well as experience in conducting security assessments and audits. Skills: Strong problem-solving abilities and excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders. Ability to work effectively with cross-functional teams. Responsibilities: Perform vulnerability code analysis on client platforms, ensuring security compliance prior to deployment. Collaborate with the development team to maintain secure coding practices and support vulnerability remediation. Deploy and maintain AWS cloud security controls as established by client. Manage automated security scans and conduct ongoing security assessments to ensure secure operations. Job Type: Contract Pay: $45.00 - $55.99 per hour Experience: Linux: 3 years (Required) Python: 3 years (Required) Metasploit: 3 years (Required) Cybersecurity: 5 years (Required) AWS Cloud Security: 3 years (Required) Ability to Commute: Washington, DC 20035 (Required) Ability to Relocate: Washington, DC 20035: Relocate before starting work (Required) Work Location: Hybrid remote in Washington, DC 20035