· Developingautomation script/tools to scale out the vulnerability management team’s workacross the organization
· SubjectMatter Expert for deployment & management of various security vulnerabilityassessment tools.
· Developcustom platform integrations, data correlation and processing strategies toreduce false positives and align data against Client remediation policies
· Software development background and strong knowledge of software development lifecycles
· Experiencein Application Security, Applied Cryptographic Protocols and administeringweb-based applications and servers
· Experiencewith security toolsets such as network vulnerability scanners (Nessus, Nexpose,Qualys), Dynamic Web application Scanners (WebInspect, AppSpider, Whitehat,Veracode), Static Code Analysis (Fortify, Veracode) and component lifecyclemanagement tools (Sonotype, Blackduck)
· Abilityto develop and communicate recommendations to management
· Abilityto translate technical security vulnerabilities into business risk
· Strongproblem-solving and conceptual thinking abilities
· Strongability to reverse engineer tools, exploits and open source applications andability to develop them
· Experiencelooking for application security vulnerabilities such as Cross Site Scripting,SQL Injection,Cookie Manipulation, Buffer Overflows, etc.
· In-depthfamiliarity with Windows and Unix Operating Systems