Job Role: Security Architect
Duration: 6+Months
Location: Chicago, IL (Onsite)
Primary Skills: Security, SAST, DAST, API
Rate: $65/hr on 1099
Role Overview:
The consultant will be responsible for end-to-end application security testing across enterprise applications. This includes Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), API security testing, AI/ML platforms, and penetration testing.
This role requires deep expertise in identifying vulnerabilities, guiding remediation, and ensuring compliance with industry standards such as OWASP Top 10, CWE, CVE, and NIST guidelines.
Required Technical Knowledge & Competencies
Expertise in SAST, DAST, API security testing, and penetration testing.
Strong programming knowledge (Java, .NET, Python, JavaScript) for code level analysis,
Background of Development
Build, maintain, and secure automation pipelines using tools like Jenkins, GitLab CI, or GitHub Actions, ensuring security scans occur at every code commit.
Implement and manage security tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Security (e.g., Trivy), and dependency scanning
Use tools like Terraform or Ansible to deploy secure, compliant infrastructure.
Proactively identify, prioritize, and remediate security vulnerabilities in application code and infrastructure.
Ensure compliance with industry standards (e.g., PCI-DSS, GDPR) by embedding compliance-as-code into the development workflow.
Act as a security advocate, working with DevOps and Development teams to foster a "security first" culture. Familiarity with cloud security testing (AWS, Azure, GCP),
Experience with container security (Docker, Kubernetes),
Excellent communication and stakeholder management skills.
Qualifications:
Bachelor's degree in computer science, Information Security, or related field,
6-8 years of IT experience, with at least 5+ years in application security testing.
Preferred certifications: OSCP, CEH, GWAPT, CISSP