IT Cloud Security Auditor Hybrid in Dimondale Michigan Full time Job in Dimondale, Michigan United States | Snaprecruit

IT Cloud Security Auditor Hybrid in Dimondale Michigan Full time Job in Dimondale, Michigan United States | Snaprecruit
  • Snapboard
  • Activity
  • Reports
  • Campaign
Profile Resumebox Contact List My Jobs Send Mail
Welcome ,

Invite others to join Snaprecruit

Send

Share about us on social media!

Logo
Search for Similar jobs

IT Cloud Security Auditor Hybrid in Dimondale Michigan

In Michigan United States

Save this job

Point Apply Here

IT Cloud Security Auditor Hybrid in Dimondale Michigan   

JOB TITLE:

IT Cloud Security Auditor Hybrid in Dimondale Michigan

JOB TYPE:

Full-time

JOB LOCATION:

Dimondale Michigan United States

JOB DESCRIPTION:

Short Job Description

Senior Full Stack Security Auditor who is passionate about designing and building secure platforms and applications.
The ideal candidate will feel comfortable working
with both front-end and back-end application developers, as well as building, automating, and securing on-premises and cloud-based applications.
Partnering with distributed teams to help transform the way systems are built, secured, authorized and securely operated for continuous compliance and risk mitigation.
Specifically, this candidate will help lead efforts to implement security patterns and practices with orchestration and automation tools that automate the secure configuration, verification, compliance, and authorization of systems.
They will be a key member of a team tasked with maturing the organization's software development and security practices.

Long Job Description

Functional Knowledge:
Chrome/Firefox/Edge Development tools to see the request/response headers
Familiarity with Security scanning tools (SAST, DAST, SCA, ASOC, Container/Cloud)
Experience with Coverity, BlackDuck, CodeDX, Fortify, a plus
HTTP Request/Response headers for web and Restful API calls
Ability to explain in detail any of the OWASP top 10 vulnerabilities
Cross Site Scripting, Injection attacks, SSRF, CSRF, XML entity, etc.

API Security
JWT
OAUTH/OIDC/PKCE
Web, API replay attacks
High-level understanding of containers
Cloud development experience (Azure, AWS, GCP)

Minimum of 5+ years of total IT related experience.

3+ years implementing/utilizing Federal, Industry and Open-Source SecurityGuidance and Secure Coding Practices (OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance, SafeCode etc.
)
3+ years with both compiled and interpreted languages such as Angular, React, Node.
js, Java, Spring Boot, IBM WebSphere App server, Oracle JBoss, .
NET stacks
3+ years with networking, infrastructure, secure application development and security automation (DevSecOps).

3+ years of hands-on knowledge building and deploying secure complex distributed web and mobile applications.

United States Citizen and ability to pass a CJIS background check

Position Details

POSTED:

Nov 26, 2023

EMPLOYMENT:

Full-time

SNAPRECRUIT ID:

S28240-12269-11202023-40031154

LOCATION:

Michigan United States

CITY:

Dimondale

Job Origin:

CEIPAL_ORGANIC_FEED

Jobcon Logo
A job sourcing event
In Dallas Fort Worth
Aug 19, 2017 9am-6pm
All job seekers welcome!
Get your FREE tickets

Download mobile appsJust Swipe to apply for jobs. Try it out !

Apple icon

Download on the

Google icon

Download on the

Download mobile appsJust Swipe to apply for jobs.

Apple icon

Download on

Google play icon

Download on

IT Cloud Security Auditor Hybrid in Dimondale Michigan    Apply

Click on the below icons to share this job to Linkedin, Twitter!

Short Job Description

Senior Full Stack Security Auditor who is passionate about designing and building secure platforms and applications. The ideal candidate will feel comfortable working
with both front-end and back-end application developers, as well as building, automating, and securing on-premises and cloud-based applications. Partnering with distributed teams to help transform the way systems are built, secured, authorized and securely operated for continuous compliance and risk mitigation. Specifically, this candidate will help lead efforts to implement security patterns and practices with orchestration and automation tools that automate the secure configuration, verification, compliance, and authorization of systems. They will be a key member of a team tasked with maturing the organization's software development and security practices.

Long Job Description

Functional Knowledge:
Chrome/Firefox/Edge Development tools to see the request/response headers
Familiarity with Security scanning tools (SAST, DAST, SCA, ASOC, Container/Cloud)
Experience with Coverity, BlackDuck, CodeDX, Fortify, a plus
HTTP Request/Response headers for web and Restful API calls
Ability to explain in detail any of the OWASP top 10 vulnerabilities
Cross Site Scripting, Injection attacks, SSRF, CSRF, XML entity, etc.
API Security
JWT
OAUTH/OIDC/PKCE
Web, API replay attacks
High-level understanding of containers
Cloud development experience (Azure, AWS, GCP)

Minimum of 5+ years of total IT related experience.

3+ years implementing/utilizing Federal, Industry and Open-Source SecurityGuidance and Secure Coding Practices (OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance, SafeCode etc.)
3+ years with both compiled and interpreted languages such as Angular, React, Node.js, Java, Spring Boot, IBM WebSphere App server, Oracle JBoss, .NET stacks
3+ years with networking, infrastructure, secure application development and security automation (DevSecOps).
3+ years of hands-on knowledge building and deploying secure complex distributed web and mobile applications.
United States Citizen and ability to pass a CJIS background check

Loading
Please wait..!!