| Senior Security Analyst OR Security Consultant - Remote -10+Years at Remote, Remote, USA |
| Email: [email protected] |
| From: andrew, Dewsoftech [email protected] Reply to: [email protected] Security Analyst II Location: Remote Position Type: Contract Job Description: looking for a seasoned Application Security Lead Analyst to join our team. As an Application Security Analyst, you will work as a consultant to our product development staff, ensuring the security of our applications throughout their lifecycle. Your role will be to identify potential vulnerabilities, suggest mitigation strategies, and support the development team in implementing these strategies. In addition, you will be responsible for creating and maintaining a Security Champion program to educate and guide our application developers in security best practices. PRIMARY RESPONSIBILITIES (indicate 5-10 key responsibilities/tasks that effectively describe the position; List from most important to least important): Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications Utilize Software Assurance Maturity Model (SAMM) to evaluate and improve the security of software development processes Continuously manage vulnerabilities by identifying, classifying, prioritizing, and mitigating them effectively Familiar with OWASP methodologies and incorporate them into security practices Work closely with product development teams to ensure secure coding practices are followed Educate application developers about application security to raise awareness and build a Security Champion program Leverage threat modeling for applications to identify potential threats and suggest suitable mitigation strategies Provide expert advice on the selection and implementation of appropriate security software tools. KNOWLEDGE/SKILLS Proficiency in programming languages such as Java, Python, C++, or others commonly used in application development. Knowledge of security technologies, application design and coding practices, remediation techniques, secure coding standards/DevOps methodologies. Proficiency with MACOS, Windows, Linux Knowledge of Full Stack development processes and protection mechanisms is a plus EDUCATION AND EXPERIENCE - (technical knowledge, skills and abilities an employee needs to successfully perform the position level; please distinguish between required and preferred) 3-5 years Application Security Experience Team management skills are preferred Proven experience as an Application Security Analyst or similar role In-depth knowledge of SAST, DAST, IAST, and SAC Knowledge of Gitlab Ultimate and other relevant security tools Familiarity with OWASP methodologies and application security vulnerabilities Experience in threat modeling and risk assessment Exceptional ability to educate and guide application developers in security best practices Excellent communication, presentation, and interpersonal skills Relevant certifications like CISSP, CSSLP, GWAPT, or GWEB will be a plus Bachelors degree in Computer Science, Information Technology, or a related field, or equivalent experience Thanks & Regards Andrew Symonds Senior IT Recruiter Email: [email protected] Keywords: cplusplus information technology Senior Security Analyst OR Security Consultant - Remote -10+Years [email protected] |
| [email protected] View all |
| Thu Jun 20 19:00:00 UTC 2024 |