Azure Dev Ops, Jenkins, Bamboo, etc.); Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience; Manual testing tools such as Burp Suite Pro; Knowledge of and experience with SAST/DAST/SCA Application Security tools (Invicti (DAST) or Checkmarx (SAST/SCA); Experience with the integration of tools into development pipelines; Experience understanding and mitigating Application Security related vulnerabilities; Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C#. Collaborate with developers to provide secure design guidance and remediation strategies; Familiarity with CI/CD systems (i.e. GitHub) and integrating software security tools into the development workflow; Strong understanding of web application security principles and best practices; Manage, maintain and operate application security tooling, including configuration, tuning, and automation.