Security Developer - Remote

Position: Security Developer Consultant
Location: Remote
Position Type: Contract
Rate : DOE


U.S. Citizens, Green Card, GC / H4 / OPT EAD and TN Visa Preferred. We are unable to sponsor at this time.

Overview:
As a Security Developer Consultant, you will play a key role in analyzing and remediating security risks identified by cloud security platforms such as Wiz.io and other security tools. Your responsibility will include evaluating the vulnerabilities and misconfigurations in applications and infrastructure, providing development-driven solutions, and ensuring that applications adhere to security best practices. You will collaborate closely with development teams to implement configuration changes and optimize security measures within the application stack.
Key Responsibilities:

• Analyze Security Issues: Review and analyze security vulnerabilities, misconfigurations, and risks identified by Wiz.io and other security scanning tools.

• Remediation & Resolution: Develop and implement code or configuration changes that address the identified security issues in the application and underlying infrastructure.

• Collaborate with Development Teams: Work with software developers and architects to ensure secure coding practices are followed and assist in implementing necessary security changes within the applications.

• Security Best Practices: Guide teams on adhering to security policies, standards, and industry best practices (e.g., OWASP, CIS benchmarks) when configuring or developing applications.

• Continuous Monitoring: Help integrate and maintain security monitoring tools to ensure continued security and compliance of cloud applications.

• Security Audits: Perform periodic audits of application code, infrastructure, and configurations to ensure vulnerabilities are addressed in a timely manner.

• Documentation: Provide detailed documentation on identified issues, mitigation strategies, and steps taken to resolve security risks, ensuring all stakeholders are kept informed.

Qualifications:

• Experience with Security Tools: Hands-on experience with Wiz.io, cloud security platforms, and other security tooling (e.g., Snyk, SonarQube, Checkmarx).

• Application Development: Strong experience in software development, particularly with secure coding practices in languages like Python, Java, Node.js, or similar.

• Cloud Security: In-depth understanding of cloud infrastructure security (AWS, Azure, GCP), including identity and access management, container security (Kubernetes, Docker), and network security.

• Vulnerability Management: Proven track record of identifying and remediating security risks in both application code and infrastructure configuration.

• Security Certifications (Preferred): CEH, CISSP, OSCP, or relevant cloud certifications (AWS Certified Security, Google Cloud Professional Security Engineer, etc.).

Skills:

• Expertise in reviewing and implementing application-level security fixes.

• Strong knowledge of secure coding standards and DevSecOps principles.

• Excellent problem-solving and analytical skills with a proactive approach to mitigating security risks.

• Ability to communicate complex security issues to both technical and non-technical stakeholders.

• Familiarity with CI/CD pipelines and integrating security checks into development workflows.

Education:
Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).