Vacancy expired!
- Position requires a bachelor's degree in information technology or a related field and five years' experience in information security or application development.
- A CISSP Certification is required.
- An Application Security certifications such as OSCP, GPEN, or GWEB is preferred.
- Will accept any suitable combination of education, training, or experience.
- Develops and maintains technical solutions for the ongoing improvement of Application security, as well as automating and orchestrating repetitive or manual tasks and promoting self-service.
- Keeps current on emerging technologies, open system standards, and management technologies as they relate to the support of our business needs.
- Leads operational tasks and responds to urgent requests when necessary, as well as participating in annual disaster recovery exercises and plan updates.
- Creates knowledge base articles and ensures they are kept up-to-date and provides operational training to partners and team members in accordance to industry standards.
- Leads safe and detailed security testing on applications, computers systems, and networks that are external or internal facing using manual tests and automated tools (such as: code scanning tools (dynamic/static), manual exploit testing scripts, manual application logic crawling).
- Demonstrates to technology and system owners how to exploit found vulnerabilities (break into) on applications and systems when they are identified to aid teams in understanding and remediating.
- Assists in defining and maintaining a well rounded application security assessment program.
- Assist and support Senior Engineers and Architects with projects and defined deliverables.
- Work with internal infrastructure and platform teams to advise on risk reduction and facilitate remediation work to ensure application code is free of vulnerabilities.