Source Code Reviewer Consultant

Description:

𝐓𝐡𝐞 𝐢𝐝𝐞𝐚𝐥 𝐜𝐚𝐧𝐝𝐢𝐝𝐚𝐭𝐞 𝐦𝐮𝐬𝐭:
1. Possess expertise in multiple programming languages relevant to the bank’s codebase.
2. Conduct thorough Source Code Reviews (SCR) to identify vulnerabilities including, but not limited to SQL Injections, Cross-Site Scripting (XSS), Buffer Overflow, OWASP Top 10 vulnerabilities.
3. Deliver detailed reports highlighting vulnerabilities, potential impact, and recommended remediation steps.
4. Collaborate with development and operations teams to resolve identified security issues.

𝐑𝐞𝐪𝐮𝐢𝐫𝐞𝐝 𝐒𝐤𝐢𝐥𝐥𝐬 & 𝐐𝐮𝐚𝐥𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬
1. 𝐏𝐫𝐨𝐠𝐫𝐚𝐦𝐦𝐢𝐧𝐠 𝐒𝐤𝐢𝐥𝐥𝐬
Proficient in Python, Java, C++, C#, Swift, etc.
2. 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐄𝐱𝐩𝐞𝐫𝐭𝐢𝐬𝐞
Strong understanding of secure coding practices and common vulnerabilities.
3. 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬(any of the following)
CSSLP, CASE, OSCP, Offensive Security Certified Expert, or other relevant certifications.
4. 𝐓𝐨𝐨𝐥 𝐏𝐫𝐨𝐟𝐢𝐜𝐢𝐞𝐧𝐜𝐲
Static & Dynamic Code Analysis Tools: Veracode, Checkmarx, Fortify
Penetration Testing Tools: Metasploit, Burp Suite, Nmap, Wireshark
Scripting: PowerShell, Python, Bash
5. 𝐓𝐞𝐜𝐡𝐧𝐢𝐜𝐚𝐥 𝐔𝐧𝐝𝐞𝐫𝐬𝐭𝐚𝐧𝐝𝐢𝐧𝐠
Network protocols, security architecture, and system-level security concepts
6. 𝐂𝐨𝐦𝐦𝐮𝐧𝐢𝐜𝐚𝐭𝐢𝐨𝐧
Ability to communicate findings and collaborate effectively with tech teams and stakeholders