The Manual Secure Code Review Consultant is responsible for the manual secure code review and assessment of in-house developed source code of web/non-web and cloud apps, APIs, etc.
Roles & Responsibilities:
● The Manual Secure Code Review Consultant is responsible for the manual secure code review and assessment of in-house developed source code of web/non-web and cloud apps and APIs, using a primarily manual approach, and for developing and leveraging custom scripts and tools as required.
● Interact with developers (Application Development) to gather application source code details, conduct code reviews and provide technical assistance in remediating application security issues.
● Document vulnerabilities and work with developers on vulnerability mitigation.
● Perform re-reviews to validate the fixes on the reported vulnerabilities.
Qualifications:
● Experience required: 2-4 Years.
● Proficiency in secure coding standards and manual review of code to identify OWASP Top 10 vulnerabilities and SANS Top 25 programming errors.
● The Code Reviewer should possess strong knowledge of secure coding principles across widely used programming languages (Java, Angular/Node.js, JavaScript, Python, Ruby, etc.), along with excellent communication, analysis and organizational skills.
● Knowledge of application development using technologies like Java, J2EE, Groovy, Ruby, AngularJS, Node.js, JavaScript, Python.
● At least 3 years of progressive development experience with 2+ years in Secure Code review and Application Security.
● Proficiency with application security best practices, with more focus on secure coding guidelines.
● Experience in performing manual secure code review of popular web application programming languages (Java, JavaScript, Angular, Python, Perl, optionally Objective-C, etc.).
● Good written and verbal communication skills and the ability to interact well with different levels within the organization.