Senior Full Stack Application Development Security Auditor - Contract/Hybrid

About the position

The Senior Full Stack Application Development Security Auditor position is a critical role focused on enhancing the security of software development practices within the organization. This role is dedicated to collaborating with software development teams to ensure secure coding practices are integrated throughout the development lifecycle. The ideal candidate will possess a strong passion for designing and building secure platforms and applications, utilizing various assessment methodologies including Dynamic, Static, and Software Composition Analysis. In this role, the Senior Full Stack Application Development Security Auditor will work closely with both front-end and back-end developers, as well as cloud-based application teams, to transform the way systems are built, secured, authorized, and operated. The candidate will lead initiatives to implement security patterns and practices, leveraging orchestration and automation tools to automate secure configurations, verification, compliance, and authorization processes. This position is essential for maturing the organization's secure software development practices and ensuring continuous compliance and risk mitigation. The candidate will be expected to have functional knowledge of various development tools and application security scanning tools, as well as a deep understanding of the OWASP top 10 vulnerabilities. They will also need to demonstrate experience with API security, cloud development, and secure application development practices. This role requires a minimum of 5 years of IT experience, with at least 3 years focused on implementing security guidance and secure coding practices. The position is a 12-month contract with the possibility of extension, requiring in-person interviews and a hybrid work schedule, with two days per week on-site in Dimondale, MI.