IT Security Officer - OWASP Top 10 - Investment Banking
Recruiter
Listed on
Location
Salary/Rate
Salary Notes
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
IT Security Officer - OWASP Top 10 - Investment Banking
IT Security Officer required for top Investment Bank to promote and support security best practices in software Development Lifecycle of development teams.
Skills required:-
Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process
Familiarity with common security vulnerabilities (e.g. OWASP Top 10)
Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them.
Excellent knowledge of programming best practices, design patterns, etc.
development experience, preferably in Microsoft Visual Studio, .NET and Java
Experience of specific security products and technologies: CA Siteminder, 2 factor authentication, Kerberos / SAML authentication solutions
Experience of the development lifecycle within .NET, C# and/or Java projects
Hands-on penetration testing experience
Experience with source code analysis products (HP/Fortify)
Knowledge of Web Application Firewalls: how to apply them and to define effective custom rules
Competent in technical interviewing
This is an exciting opportunity to work with interesting security challenges in an environment with many different development platforms, communications technologies, and advanced trading systems.
The role encompasses a number of activities & responsibilities:
To promote and support security best practices in software Development Lifecycle of development teams. Will involve working with developers to integrate tools such as source code analysis into their build environments and to assist with the identification, tracking, and remediation of vulnerabilities.
To actively engage with development community (executive committees, team meetings) to evangelize security best practices and ensure that security requirements receive sufficient attention.
To prioritize and schedule penetration testing performed by application security team. To challenge the results and ensure remediation options are appropriate and implemented in a timely manner.
To provide expertise on discovered vulnerabilities and to mediate / arbitrate disputes between developers and an offshore security testing teams
To drive, track, and assist application development teams comply with the Application Security baseline. Work with development and application security teams on subjects such as strong authentication, encryption, data protection / leakage, etc.
To strengthen development practices and improve overall development security through the highlighting of good practices and development methodologies.
Adlam Consulting operates as an Employment Agency & an Employment Business Applicants must be eligible to work in the specified location