Previous Job
US | Programmer/Developer-Developer / Software Engineer
Ref No.: 18-03192
Location: Chicago, Illinois
Start Date: 06/25/2018

Role: Application Security Engineer
Location: Chicago, IL

Key responsibilities:
• Drive product team compliance with Client Transportation secure development standards
• Initial focus: Drive automated use of SAST/DAST tools as part of product team CI/CD pipelines. Goal is 90%+ of GET products on Checkmarx by EoY'18.
Develop Checkmarx baseline scan configurations for Client Transportation P&Ls
Manage GET Checkmarx users. Work with Checkmarx to implement SSO integration and work to automate.
Analyze current code deployment techniques and recommend changes to increase automation and reduce manual intervention.
• Develop automated methods to measure SDLC compliance and software security health.

• Secondary focus:
Support GET AppSec efforts and application security review process
Conduct reviews with Dev/Eng teams to evaluate apps against SDLC criteria
• Experience: Must have strong experience with Agile development methodology, CI/CD setup (Jenkins preferred) and integration with Checkmarx and other SAST/DAST tools. Must have experience with interpreting and resolving SAST/DAST scan results.

A: Must Skills – Static code analysis (tools like Checkmarx or similar)

B: Plus Skills – Ci/CD security pipeline, Jenkins