Ref No.: 18-03758
Location: Silver Spring, Maryland
Required Skills :
100% Remote

Basic Qualifications :

Job Description :
Job Description:
A successful candidate will be someone with experience supporting the SD elements Tool.
* Support UWQ requests from users and ASCs.
* Help write Java and .NET scan rules for Checkmarx that have parity with our Fortify rules so that teams can automate remediation validation in the CI/CD pipeline.
* Help expand EASP scan ruleset to have parity with Security Code Review (SCR) scan rules so that teams with Publicly Accessible Applications (PAA) can identify and remediation defects earlier in the SDLC.
* Help support the growing EASP SAST infrastructure as more applications continue to run more scans.
* Help support the onboarding of users and applications to our SAST tools and ThreadFix.
* Help produce remediation compliance reporting
-Working with dev teams to get their apps onboarded
Supporting user requests that come through the que
-Access requests
-Prototyping changes
-Remediation
·Must be able to refine PCI-DSS content and mappings in SD Elements for regulatory compliance.
·Must be able to refine NIST 800-53 content and mappings in SD Elements. Must be able to refine Cloud security requirements guidance to help remediate private cloud security requirements. Assist with defining and developing governance and practice data reports using the SD Elements API (able to script using Python, PowerShell, etc.) to provide remediation and compliance information. Assist with the development of automated remediation validation in SD Elements (integrations with other EIS and EIT tools, such as SDLC Tracker, Cloud Management Platform, Application Security Compliance Reporting, etc.).