Chantilly, Virginia, United States Hybrid / WFH Options
RogueThink Inc
Hands-on experience with container orchestration (Kubernetes/OpenShift). • Working extensively with containers (e.g., Docker) for deploying and managing applications. • Familiarity with security tools like SonarQube, Aqua, Anchore, Checkmarx, or similar. • Working knowledge of cloud security best practices. • Experience working in Node.js environments, including building and securing Node-based APIs and microservices. • Strong understanding of networking, identity and access More ❯
developing software in object-oriented programming languages such as C, C++, or Java- need experience with Visual Studio 22 NICE TO HAVE: Automated testing exp with test studio and Checkmarx Must have active Secret clearance Additional Skills & Qualifications • Ability and willingness to travel up-to 10% to support business needs • Proven experience as a DevOps Engineer or similar software engineering More ❯
to automatically detect and address vulnerable open-source dependencies and maintain accurate software bill of materials (SBOMs). Implement Static Application Security Testing (SAST): Implement SAST tools (e.g., SonarQube, Checkmarx) within the CI/CD pipeline to detect security vulnerabilities, code smells, and compliance issues early in the development lifecycle. Implement Container Security: Integrate container image scanning tools (e.g., Trivy More ❯
Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI More ❯
Description Join AXA - Global Healthcare as a DevOps Engineer, where you'll take the lead in creating and owning high-level and low-level designs for integrations, authentication, monitoring, and alerting between our SaaS applications and mobile apps. In this More ❯
querying and database design to interact with relational databases like SQL Server. Experience writing unit and integration tests and effectively troubleshooting application issues. Knowledge of Service Oriented Architecture, SonarQube, CheckMarx Ability to speak/write fluently in English Experience with agile methodology including SCRUM. Experience with modern delivery practices such as continuous integration, behavior/test driven development, and specification More ❯
Strong knowledge of secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and application security testing tools ️ Experience with SAST, DAST, and security code review tools (e.g., Fortify, Veracode, Checkmarx) ️ Familiarity with secure software development frameworks (e.g., OWASP, NIST) ️ Relevant certifications such as CSSLP, CEH, or CISSP are highly desirable More ❯
development. ️ Drive improvements in Threat Modelling, Secret Scanning, SAST, DAST . ️ Partner closely with development teams to make security seamless - NOT a bottleneck. ️ Extract real value from tools like Checkmarx, Qualys, Prisma Cloud, Hashicorp Vault, Defect Dojo and more. What You Bring: Hands-on experience with API Security, CI/CD pipelines (GitHub), container & cloud security . Familiarity with security More ❯
security throughout the development lifecycle Your Profile Bachelor's degree or equivalent 3-5 years of experience in a similar position Proficiency in security and development tools such as Checkmarx, Qualys, Prisma Cloud, Hashicorp Vault, Defect Dojo, GitHub, API Security, and CI/CD pipelines Strong knowledge of application security frameworks and standards such as SAMM Solid experience in container More ❯
/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational perspective (build, release, monitoring, rollbacks, high More ❯
/3, AMQP, streaming protocols etc), cloud network design (VPNs, subnets, regions/zones etc), and integration related technologies (Auth0, APIM) Expertise with SAST & SCA systems such as Snyk, Checkmarx Experience with DAST systems such as OpenZAP, Qualys DAST (preferred) ideally with HTTP APIs Ability to manage large scale software estates from a operational perspective (build, release, monitoring, rollbacks, high More ❯
II certification Proficiency in static and dynamic code analysis, penetration testing, database vulnerability assessments, and software security reviews Demonstrable experience with software security testing tools such as Burp Suite, Checkmarx, Qmulos, ACAS, and Axonius Knowledge of Common Weakness Scoring System (CWSS) for vulnerability assessment Demonstrable experience with reverse engineering, fuzzing, and spidering for security evaluations Strong analytical, problem-solving, and More ❯
