Static Application Security Tester

at Apex Systems Inc

location Owings Mills, Maryland

Updated on Oct 15, 2020

Contract Position
6 month(s)

  • Referral Bonus


  • Signing Bonus



Pay Rate $56.00 per hour

Experience 7-12 Years

Eligibility H-1B visa, US citizen


Information Technology Services


Not Specified

Job ID


Working Remotely Allowed



Principal Duties/Roles and responsibilities:
Configure projects for scanning with Static Application Security Testing tools.
Analyze scan results and suppress false positives.
Create and maintain custom rulesets regarding the suppression of false positives.
Provide root cause analysis for failed scans.
Assist developers with remediation guidance for security findings.
Verify remediation of security findings utilizing commit histories and re-scans.
Develop and execute an appropriate security testing strategy for each engagement, including performing software security testing against applications, platforms, and systems.
Analyze testing results that are generated from SAST tooling and identify and suppress false positives.
Create and maintain custom rulesets within the tooling to account for false positives, trending threats, and areas of focus.
Identifies and determines the root cause of failed scans. Works with the proper teams toward resolution.
Works with development and engineering teams to convey findings and risk, assisting with remediation strategies and risk assessment.
Verifies remediation of security findings using commit histories and rescans of code.
Contributes to the development of standard methodologies and SSDLC activities through reporting and publishing of findings to facilitate new design approaches to deter these defects from reoccurring.
Ability to break down complex or vague problems and step through them in a rational way.
Shows flexibility in thinking and the ability to evolve a solution when additional information or ideas are presented.
Decisions and recommendations distinguish between near term mitigation and required future investments.
Actively helps team members and makes suggestions to improve practices.
Other duties as assigned.
You make decisions that show a focus on current and future business priorities, together with fiscal responsibility.
Applies understanding of the current threat landscape, in general, and specific to both the Financial Services field and the firm and uses that operational awareness and threat intelligence data to drive decision-making.
Understands actual business requirements and ensures those drive assessments and guidance.

Required Skills/Must Have:
Must be familiar with OWASP Top 10.
Expertise in Fortify Source Code Analyzer (SCA), .NET, Python, Java
Typically, 4+ years of relevant experience.
Stays current with many best-of-breed technologies.
Performs as an authority in one or more components of the SSDLC. Leads significant pieces of static security testing.
Knows and can implement modern software testing techniques.
Experience with multiple software systems design tools and languages
Skilled in automating manual tasks and enabling customer self-service.
