AppScan GitLab Engineer
DataStaff is in immediate need of an AppScan GitLab Engineer for one of our direct clients for a contract-to-hire opportunity.
NOTE: This role is remote
- Maintain, Run, and Troubleshoot the suite of GitLab application vulnerability scan tools that the agency uses for pre-production gating.
- Install GitLab Runners prior to pre-prod application scans
- Learn and improve upon (if necessary) the yml template for pre-prod scans
- Act as GitLab scanning and security SME in conversations with Federal counterparts
- Work with GitLab vendor to evaluates and test upcoming releases to scanning tools; avoid any issues that could occur to EPA’s scanning processes by implementing the released upgrade
- Conduct analysis of scan results and inform application owners of vulnerabilities
- Assist application developers with false positive determination/justification
- Stay abreast of security policy changes and communicate them to EPA counterparts
- Develop and maintain standard operation procedures related to the Application Security team and their assistance to the DevSecOps team
- Develop and maintain training materials for application owners/submitters of application scan requests
- Provides recommendations to clients on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies
- Comfortable speaking, with confidence, to executive level customers
- May coach and provide guidance to less-experienced professionals
- May serve as a team or task lead
- BA/BS in IT or IT Security related major or relevant experience
- 3 Years – Actively maintaining and running GitLab scan tools:
- DAST UI and DAST API tool experience is required.
- GitLab Certified Security Specialist Certification
- Dependency/SBoM, SAST and Secrets Detection experience.
This opportunity is available as a W2 position with a competitive benefits package. DataStaff, Inc. offers medical, dental and vision coverage options as well as paid vacation, sick and holiday leave. As many of our opportunities are long-term, we also have a 401K program available for employees after 6 months.