Associate development, security, and operations Engineer

Associate DevSecOps Engineer

Location: 251 Little Falls Dr., Wilmington, DE, 19808, US

(Hybrid)

Job Description:

Monday - Friday 8:00 - 5:00

Onsite/Hybrid

Some of the things you'll be doing:

• Provide expertise in the DevSecops ,specializing in web application security, SCA, SAST, and DAST services

• Developing Policies to protect web application and API's from malicious payload attacks, provide virtual patching capabilities and validation with Security Testing.

• Assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.

• Manage and maintain Web Application Firewall (WAF) inventory, ensuring effective configuration, monitoring, and reporting.

• Contribute to observability initiatives by integrating security telemetry, dashboards, and alerts into monitoring systems.

• Explore and apply AI-driven security solutions for anomaly detection, threat prediction, and automated remediation.Help evolve CSC's application security functions and services.

• Identify security exposures and develop mitigation plans.

• Identify, report and fix technical debt.

• Assist Senior Application Security on all application security activities.

• Be productive and participate in security initiatives with minimal supervision.

• Experience with SAST (Static Application Security Testing), SCA (Software Composition Analysis), DAST (Dynamic Application Security Testing), and IaC (Infrastructure as Code) tools.

• Experience with data visualization tools (e.g., Power BI).

• Familiarity with securing architecture, APIs, and web applications.

• Knowledge of common and emerging security threats.

• In-depth knowledge of security best practices.

• Exceptional analytical aptitude and attention to detail.

• Excellent communication skills.

• Fast learner / a strong willingness to learn.

• Good team player who is self-motivated and well organized.

What technical skills, experience, and qualifications do you need?

• 0-2 years of experience in an Application Security or related position.

• Familiarity in designing, implementing solutions like SAST (Static Application Security Testing), SCA (Software Composition Analysis), DAST (Dynamic Application Security Testing), and IaC (Infrastructure as Code) tools.

• Familiarity with Information Security frameworks/standards (e.g., CIS, NIST, RFC2196).

• Familiarity with common security libraries, security controls, and common security flaws.

• Strong troubleshooting and problem-solving mindset.

• Exposure or familiarity with Python, PowerShell, and/or Bash.

• Experience with SQL databases.

• Familiarity with securing cloud environments and knowledge of cloud platforms.

• Understanding the application development process.

• Understanding DevSecOps principles and practices.Familiarity with DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA

• Knowledge of Cloud & Kubernetes Resource Security, Secure Network and Architecture, SDLC standard and policies.

• Familiarity with Web App Protection AWS and Azure App Protection Policy, Configuration, and Security Management tools

• Expertise in Programming languages Python, NodeJS, SQL query and Vulnerable Code remediation.

• Stay up to date with the latest application security threats and trends.

• Understanding of observability tools and practices (e.g., logging, metrics, tracing) to enhance security visibility.

• Interest in leveraging AI/ML techniques for proactive security monitoring and threat detection.

• Job Identification 14432
• Job Category Application Development and Support
• Job Schedule Full time