
Senior Vulnerability Code Analyst

Salary undisclosed


Job Description


ESI is seeking a Senior Vulnerability Code Analyst to support work for one of our customers.

Duties & Responsibilities

  • Extensive knowledge and hands-on experience in Ruby on Rails.
  • Perform vulnerability code analysis on the code running HBXs platforms.
  • Vulnerability code analysis is expected to be performed prior to deployment of every change. This role requires deep technical expertise in both Ruby on Rails and security practices, including experience in code analysis and secure coding principles.

Qualifications

  • Bachelor's Degree in Computer Science.
  • Coding Languages: Demonstrated proficiency in the Ruby programming language. Demonstrated familiarity with languages such as PHP, Bash, PowerShell, or Python.
  • Code Analysis Tools: Demonstrated expertise with static and dynamic code analysis tools such as Fortify, Checkmarx, Veracode, SonarQube, and Burp Suite. Demonstrated familiarity with fuzzing tools and techniques.
  • Security Technologies and Concepts: Demonstrated expert knowledge and understanding of common cyber security vulnerabilities and attack vectors (e.g., OWASP Top Ten, CWE/SANS Top 25). Knowledge of secure coding practices and software development life cycle (SDLC) security.
  • Vulnerability Management: Experience with threat modeling and risk assessment methodologies. Experience in managing vulnerability remediation processes and working with development teams to fix issues.
  • Certifications: The following certifications are preferred: Offensive Security Certified Professional (OSCP), GIAC Web Application Penetration Tester (GWAPT), Certified Secure Software Lifecycle Professional (CSSLP).