Application Security Specialist
This job has now expired. Please search on the home page to find live IT jobs.
THE ROLE
As the application security specialist, you will be the technical lead for application security across Europe. As such, you will be responsible for internally executed SAST and DAST scanning, externally executed penetration testing and secure coding. You will be working as part of a growing global team in an exciting technology-led environment.
Duties and responsibilities:
Working with a number of technical stakeholders to:
integrate security controls into the SDLC;
guide and perform security activities including risk assessments, intrusion attempts, vulnerability testing and analysis, code review, static and dynamic code testing, and penetration testing of mobile and web applications;
provide responses and action plans to external security assessments.
Scoping penetration tests and analysing the results
Carrying out SAST and DAST scanning using the in-house toolset, and reviewing the results
Prioritising all application security vulnerabilities and co-ordinating with development and project teams to ensure they are remediated in a timely manner
Educating the development community on secure coding practices
SKILLS AND EXPERIENCE REQUIRED
Experience with DAST, SAST and MAST scanners
Good working knowledge of OWASP and familiarity with SecDevOps
Knowledge of and experience with commercial and open source application security tools such as IBM AppScan, Veracode, Metasploit, Checkmarx, QARK, Burp Suite, Arachni, Nikto, Retina, Black Duck, Nmap, Kali Linux, and Wireshark
Knowledge and experience in application security testing including penetration testing and code review
Understanding of securing applications in a cloud environment
Deep knowledge of security technologies, protocols and controls such as firewall management, system hardening, encryption, PKI, IDS/IPS and application firewalls, and of different types of attacks
Working knowledge of a variety of programming languages
Excellent communicator and influencer
Degree-educated or equivalent work experience
CISSP, GPEN, GWAPT, OSCP, CEH, CHECK certified