Roles & responsibility
- Plan, research and design robust security architectures for any IT project. Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Maintains security by monitoring and ensuring compliance with standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Oversee security awareness programs and educational efforts. Prepares system security reports by collecting, analyzing, and summarizing data and trends.
- Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
- Implementation of static and dynamic automated security testing tools and their deployment within Continuous Integration systems.
- Respond immediately to security-related incidents and provide a thorough post-event analysis.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Knowledge of SAST & DAST tools
- Strong ethics and understanding of ethics in application security
- Understanding and familiarity with common code review methods and standards
- Knowledge of OWASP tools and methodologies
- Understanding of HTTP and web programming
- Knowledge of common security requirements within Java applications
- Knowledge of Secure SDLC practices
- Minimum of 5 years work experience in application security
- Ability to complete tasks and deliver professionally written reports for clients
- Ability to present findings to technical staff and executives
Desired Requirements:
- Possess current security certifications (e.g., CEH, CHFI, OSCP, CISSP)
- Experience with vulnerability scanning tools (e.g., AppScan, Qualys, Nessus, Nexpose, Saint)
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, NTO Spider, Burp Suite Pro)
- Experience with static analysis tools (e.g., IBM AppScan Source, HP Fortify, Checkmarx)
- Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
- Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)