Vacancy expired!
- Define application security strategies that are customized to the business goals
- Develop secure software development life-cycle processes
- Perform threat modeling on existing and upcoming applications
- Perform static application security testing (SAST) of the code base on a regular basis
- Perform dynamic application security testing (DAST) using open source and commercial tools
- Identify and mitigate vulnerabilities originating from third party components
- Review security alerts and reports and work closely with the DevOps team to design work-flows
- Provide secure system and software development training and best practices to the software engineering teams
- Familiar with Financial Services regulators, regulations and best practices (e.g. OCC, FRB, FFIEC, FINRA, SEC, IIROC, SOX, GLBA, GDPR)
- Process improvement and procedure are documented and maintained per RCSA process
- Experience with automation tools (e.g. TeamCity, Jenkins, Bamboo, GitLab, Kubernetes, Ansible, Chef, Puppet, Salt)
- Experience in using scripting languages and deploying applications (e.g. Python, .Net, Java, Perl) to automate tasks and manipulate data
Vacancy expired!