Security Testing - Contract Role - Lake Forest, CA (Onsite) - NO GC at Lake Forest, California, USA
Email: [email protected]
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=2167071&uid=

From: Raghu Prasad, Blue Ocean Ventures [email protected]
Reply to: [email protected]

Hi,

Role: Security Testing
Location: Lake Forest, CA (Onsite)
Mandatory Skill: SDLC Security Testing, SAST and DAST tools

Responsibilities:
- Conduct comprehensive security assessments of medical device software using SAST and DAST tools to identify and report vulnerabilities.
- Analyze software bills of materials (SBOMs) to identify and mitigate supply chain risks.
- Identify and analyze threats, conduct threat modeling, and develop and adapt mitigation strategies.
- Develop and maintain detailed security testing strategies and procedures.
- Collaborate with software development teams to integrate security best practices into the development lifecycle.
- Integrate security practices into CI/CD pipelines with DevOps teams.
- Use tools such as Burp Suite and browsers to find security issues, including business logic-related issues not typically detected by automated security scanning tools.
- Validate the implementation of security mitigations using manual penetration testing techniques and tools.
- Enhance secure SDLC practices, including threat modeling and security test automation.
- Investigate and respond to security incidents and vulnerabilities.
- Identify and mitigate security risks in cloud applications and infrastructure.
- Work with software developers and architects to determine appropriate mitigations for security issues.
- Conduct regular security assessments, penetration testing, and vulnerability analysis.
- Stay up-to-date on the latest security threats and trends in the medical device industry.
- Create and execute plans to evaluate new security tools.
- Curate standard approaches in tools such as threat modeling tools to enable reuse.
- Create and execute detailed security testing scripts using manual or automated approaches.
- Create reusable test scripts for common security requirements.
- Evaluate security requirements for gaps and research best practices for security issue remediation while creating security test cases.
- Consolidate testing results into standard templates for inclusion in regulatory documentation systems.
- Map security requirements to functional or system requirements to ensure traceability.

Educational Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Relevant security certifications such as CISSP, CEH, OSCP, or others.
- Experience in the medical device industry.
- Knowledge of cloud security and DevSecOps practices.

Required skills:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 5 years of experience in application security testing, with a focus on SAST, DAST, and SBOM analysis.
- At least 3 years of experience in software development or practical automation using Python, Java, C#, or JavaScript.
- Strong understanding of software development methodologies and programming languages.
- Experience with security tools such as Fortify, AppScan, Black Duck, Veracode, or similar.
- Knowledge of industry standards and regulations (e.g., FDA, IMDRF, HIPAA, HITRUST, IEC 62443).
- Excellent problem-solving, analytical, and communication skills.
- Ability to work independently and as part of a team.
07:38 PM 12-Feb-25