Application Security Engineer
Telefoon contactpersoon:
+353 21 485 7200
Bedrijfssectoren:
Business Services
E-mail contactpersoon:
brian_osullivan@oxfordcorp.com
Responsibilities:
- Responsible for evaluation of security integration in current development environment; help the organization evolve its application security functions and services; Work closely with cross-functional teams (Engineering, DevOps, Product Owner) while carrying out daily tasks
- Integrate & automate security tools in a CI/CD pipeline such as Static Code Analysis and Dynamic Code Analysis tools (e.g. Static Application Security Scanning (SAST)); Provide leadership for application vulnerability scanning and penetration testing remediation
- Discover security exposures and develop mitigation plans, report and fix the technical debt; Ensure identified software vulnerabilities are re mediated and verified by using security testing techniques as part of development and quality process
- Provide support to the projects on all application security activities: coach and train development teams on secure coding techniques; Actively expand consulting skills and professional development through training courses, mentoring, and daily interaction with clients
- Represent the "Security by Design" in Information Security programs; actively participate in security initiatives with minimum supervision
- Contribute to requirement gathering with product teams; participate in team problem solving efforts and offer ideas to solve client issues
Requirements:
- Minimum Bachelor's degree in Computer Science or Information Security, or in a related technical field. Other degree is also accepted, if the appropriate experience is proven to exist
- Certification security professional is a plus (GSEC, CISSP, CEH, OSCP or CCSP etc.)
- Knowledge of cyber and information security standards (NIST, ISO2700x etc), especially OWASP SAMM Experience: Strong software design and implementation know-how, strong familiarity with web protocols, a thorough knowledge of Windows/Linux/Unix tools and architecture and well-versed in application security or infrastructure security; Technical expertise in at least one domain: software development, network engineering, authentication or security protocols, systems engineering, cryptography, or a combination of all. Familiar with security best practices and knowledge of common and emerging security threats. Professional experience at least 3-5 years
- Organizational skills: Ability to make information security risk-based prioritization decisions and ability to make complex business/risk trade-off recommendations and decisions; drive the remediation of issues to reduce the risk for the organization and products
- Teamwork and collaboration skills: Good team player with the ability to lead security initiatives combined with persistence and assertiveness
- Communication skills: Great communication skills to explain complex security topics in simple language and easy to understand concepts.
- Language skills: English is a must,and German or English and French
- OWASP SAMM
- Good Security understanding around Software Development
- Provide Security knowledge to Developers on how to make Software secure
Naar vacature
Meer vacatures van Oxfordcorp
Meer Application Security Engineer vacatures