My client is seeking a security engineer to design and implement application security controls/services and champion security initiatives across our team. This is a greenfield opportunity where you will help design the security architecture and determine our future roadmap. You will work alongside highly skilled and passionate innovators who know how to deliver exceptional results while also having some fun along the way.
Responsibilities:
- Design, implement and manage application security controls; integrate automated security tools and testing into the CI/CD pipeline.
- Ensure security processes are included in all phases of the Software Development Lifecycle (SDLC).
- Lead application scanning and penetration testing activities and drive remediation of findings.
- Lead the selection and management of static/dynamic code analysis tools.
- Perform security assessments and provide recommendations on securing our various web applications and APIs; contribute to secure coding standards and participate in code reviews.
- Design and manage application monitoring and forensics capabilities.
- Serve as a security expert and provide guidance and technical leadership to other staff members.
- Keep abreast of and provide recommendations on emerging AppSec technologies/tools.
- Support compliance/certification activities and participate in security audits/reviews.
Required Qualifications:
- 6+ years of experience in the cybersecurity, IT, or engineering fields, with at least 2 years in an AppSec role.
- Strong understanding of the application security domain, including the OWASP Top Ten and the exploitation and defense of web applications and APIs.
- Strong understanding of authentication/authorization, OAuth, JWT, secret/key management, and encryption technologies.
- Experience with automated software testing, static/dynamic code analysis, whitebox/blackbox testing and the associated open source and/or commercial tools.
- Experience developing in a modern programming language such as Java, Spark, C# or Python.
- Ability to work effectively in a cross-functional setting through influence, persuasion, and collaboration; strong communication skills.
Preferred Qualifications:
- BS/MS in computer science/engineering or equivalent work experience.
- Software development experience preferred.
- Familiarity with regulatory security/privacy standards such as HIPAA, GDPR, NIST or ISO.
- CISSP, GIAC or CCSP certification preferred.
by via developer jobs - Stack Overflow