Paragon Technology Group

  • SAST Code Reviewer

    Job Location: US-MD-Lanham | US-Remote / Work from Home
    ID: 2018-1689
  • Overview

    Paragon Technology Group, Inc. is a leading provider of strategic technology solutions to the public sector. Founded in 1997, Paragon has been recognized as one of the top 50 fastest growing companies in the Washington, D.C., Metro area. Paragon delivers an extensive suite of IT services across the public sector and is renowned for delivering technical excellence in every client engagement.

    Responsibilities

    The Code Reviewer will be part of a multi-functional team. Responsibilities include, but are not limited to:

    • Review, analyze, assist in prioritization of findings; develop actionable reports for business unit and IT project teams responsible for mitigating vulnerabilities.
    • Develop and document a repeatable process for reviewing, analyzing, assisting in prioritization of findings and developing actionable reports; support IRS in execution of network/operating system and database vulnerability scans.
    • Operate and maintain the Enterprise Static Application Security Testing (SAST) software (currently AppScan Source).
    • Assist business unit and IT project teams in understanding scan output.
    • Assist in enabling application project development teams to understand how to leverage scanning tools during the development process to help them meet NIST 800-53 SA-11 security requirements in rapid development and DevOps environments. Build and document repeatable processes for integration of the scanning tools into the rapid development process.

    Qualifications

    • Applies current principles and techniques to complete testing, quality assurance review and evaluation of new and existing software products.
    • Experience using appropriate Vulnerability Testing tools (examples in NIST 800-115), specifically AppScan Source, SonarQube and the OWASP Dependency Checker.
    • Vulnerability Testing (skills and methodology). Experience integrating SAST tools into development environments to enable build automation and DevSecOps.
    • Expertise providing knowledge transfer and assistance to developers for use of scanning tools throughout development, including AppScan Source install,
    • Knowledge of Application build process & tools
    • May perform work on any system in the IRS or any system operated on the behalf of the IRS.

    Travel less than 10%

    Bachelor’s degree in related technical field.

    CISSP or related certification desired

    Ability to obtain IRS Security Clearance. Requires favorable background investigation and National Agency Check to include a Federal Bureau of Investigation fingerprint check. Must be a US Citizen.

     

     

    Paragon is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices on the basis of: race, color, religion, gender, national origin, age, sexual orientation, gender identity, disability, veteran status, or any other characteristic protected by country, regional, or local law.
