Vacancy expired!
- Leading Application Security efforts (SAST & DAST) to ensure a secure SDLC in large scale environments.
- Securing applications in Cloud environments (AWS/Azure)
- Assist with remediation of vulnerabilities and potential issues found during penetration tests.
- Promote application security through the implementation of the DevSecOps program.
- Ability to work with APIs and Plugins to integrate AppSec tools into established CI/CD pipelines.
- Able to manually test, validate and articulate all vulnerabilities identified.
- Performs expert threat modeling to identify all possible attack vectors.
- Ability to create POCs to demonstrate vulnerability severity and potential impact.
- Review and analyze vulnerability data to identify security risks to the organizations network, infrastructure, and applications.
- Determine vulnerabilities that are false positives through code review and manual validation.
- Interpret the risk of vulnerabilities and communicate business impact and remediation actions to the technical teams and business leaders.
- Prepare security vulnerability and risk management reports for management.
- Coordinate remediation of vulnerabilities within established timeframes.
- Programing/Scripting experience highly desired.
- Understands and can articulate cyber security risks and appropriate controls to all levels of the organization.
- Implements automation by scripting and APIs to integrating security products.
- Performs testing of cyber security controls to ensure effectiveness against the latest threats.
- Support the development and deployment of innovative security solutions to safeguard assets, in the cloud and our data centers, while enabling the business.
- Proactively identify, evaluate, and assist in the mitigation of cybersecurity risks aligned with the organizations risk posture as well as business and operational objectives across an international footprint.
- Work closely with business, product, and technology teams to understand business objectives, initiatives, and ensure alignment with cybersecurity objectives and requirements.
- Review and analyze vulnerability data to identify security risks to the organizations network, infrastructure, and applications.
- Engage with the Cybersecurity, Security Awareness & Education, and Business Information Security teams to assist in effectively driving program maturity and mitigation of cybersecurity risks.
- Stay abreast of relevant international security regulations, laws, and technologies across and adjusting programs and processes as required.
- Bachelors degree in Information Security, Computer Science, or equivalent combination of industry related professional experience and education.
- 7 + years experience in IT Security, Risk and/or Compliance or equivalent.
- 2- 5 years experience in a Pen-Testing role
- Strong experience in AWS and Azure
- Excellent organizational, project management, and follow-up skills.
- Excellent communication, presentation, and reporting skills
- One or more of GSEC, GCIA, GCIH, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s)
- Network / System Administration experience
- Experience with scripting / automation / programming languages.
- Experience with Veracode, HP WebInspect, Qualys, Nessus, Splunk, ZAP, Burp Suite, Kali Linux, AWS.
- Ability to work in a fast-paced and dynamic environment
- Ability to work in a team and independently to fix issues with little or no supervision
- Excellent organizational, project management and follow-up skills
- Ability to build effective working relationships at all levels of the organization
- Excellent communication skills
Vacancy expired!