· 1-6 years of experience in **secure code reviews.
· Identify security vulnerabilities in source code using automated or manual static analysis tools and techniques.
· Knowledge of cloud environments and deployment solutions such as server-less computing;
· Knowledge of one or more scripting languages for automation and complex searches;
· Analyze source code of findings reported by SAST tools and eliminate false positives.
· Train and assist developers in describing and remediating existing vulnerabilities.
· Good understanding of the cloud;
· Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk;