Application Security Advisor

Duration : 6+ Months Contract (Hybrid) Description : The role that we are looking for is on the advisor team and what we do is we are integrated into the development squads to help them fix vulnerabilities to the left (run their scans in their lower environment.) We find these as we help remediate and we do not push them in to production. As a result, we should not be pushing any new vulnerabilities into production, so we are each of the security advisor is aligned to a portfolio where they are broken down as primary and secondary. This advisor role would need coding experience. They will be working hand in hand with the developers to say OK, there is a SQL injection here. This could be a probable SQL injection and this is how you fix it or there is a cross site scripting vulnerability here. You probably have to do input validation and this is how you should be doing so in order to find out and fix those vulnerabilities, they need to understand code first. The other thing that we would like is understanding of AWS or Microsoft or Clienture or you know all of these. Not hands on is not required, just basics if they are speaking that language about databases about back end. They should be able to communicate and have a conversation and communicate or provide you know best practices of how they should be doing it right. the role, emphasizing that the trainer will be part of the "Security Coaches and Advisors" program. This program trains developers in application security to ensure no vulnerabilities are introduced into production. The training is hands-on and provided by a third-party vendor called Appsec Engineer. The program has been running since 2021, with four cohorts per year and over 256 developers trained. The day-to-day responsibilities of the trainer include running cohorts, teaching cybersecurity with a focus on application security, and collaborating with developers to address any issues they may have. The trainer should have a good understanding of application security and be able to explain vulnerabilities and remediation techniques to developers. Security Advisors Skills : Experience with security tools (e.g., SAST, DAST, SCA). Strong understanding of network protocols and encryption. Familiarity with secure development frameworks and DevSecOps. Conduct manual and automated code reviews to identify vulnerabilities. Perform threat modeling and risk assessments for new and existing applications. Proficiency in Java, Python, JavaScript, C#, or similar languages. Experience with CI / CD platforms (e.g., GitHub, Jenkins). Familiarity with DevSecOps, container security, and cloud platforms (AWS, Clienture, GCP). About US Tech Solutions : US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit www.ustechsolutions.com. US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.