Seasoned IT security professional who will contribute to monitoring and assessing the security level of the IT applications developed and/or maintained by the team. He or she will participate in IT project reviews conducted on both a global and a local basis, which requires fostering close working relationships with the IT development/production teams, domain teams and business users.
You will be in charge of:
- Integration of security into software development during design and development
- Analysis of IT systems architecture in terms of security and risk/threat modelling
- Contribution to the definition of the different types of security tests to be performed
- Supporting the development team in terms of secure development practices
- Supporting the infrastructure/middleware teams in securing their systems
- Performing security code reviews and white box penetration testing during the development sprints
- Automation of the security testing process
- Coordinating with third-party vendors and internal stakeholders for penetration and black box testing
- Reviewing and assessing the results of external penetration testing, and agreeing on corrective action
- Supporting the development teams to reproduce issues
- Researching and monitoring current software security risks
- Providing software security training to the development team
Skills & Experience:
- Bachelor’s degree in Computer Science or the equivalent. A master’s degree is a plus
- At least 2 years of hands-on experience doing security code analysis or reviews
- At least 2 years of hands-on experience doing penetration and vulnerability testing
- At least 2 years of hands-on experience as a software developer
- Any security certification: GSSP JAVA, GWEB, ECSP, CSSLP, CEH, CES, etc.