Urgent position : Application Security Lead ||Location :NY ||Duration : 12+ months at Remote, Remote, USA |
Email: [email protected] |
From: Anita Rani Sahoo, VYZE INC [email protected] Reply to: [email protected] Hi, Hope you are doing well please find the requirement below and kindly let me know if you have good consultant for this Title : Application Security Lead Location: Hybrid Onsite 2-3x / Week in New York, NY Duration : 12+ months VISA : USC/GC LinkedIn must be needed , need local folks Job Description: Our Application Security team acts as a trusted assessor and risk advisor for the application development teams. The team comprises security engineers with expertise in software security and penetration testing. We are the go-to team to get an attackers perspective on any technology and constantly interacts with the numerous Engineering and Software Development teams. Your colleagues will be individuals who are passionate about technology and seek to be at the cutting edge of new cyber-attacks, vulnerabilities and security technologies. We are a part of the Information Security pillar within the Global Technology organization. As an Application Security Lead, you will: Assess security of software projects and improve cloud-based security programs Perform vulnerability and penetration testing. Document security findings with reasonable methods to secure. Perform threat assessments to identify possible risks and provide security recommendations and advice. Coordinate remediation efforts after security assessment findings outline weaknesses requiring attention. What You'll Need: 7+ years of experience in software security as a practitioner with exposure to vulnerability and penetration testing, threat modeling of applications, and code reviews Vulnerability, penetration-testing, and threat modeling skills Experience with security of intra-company and third-party APIs Experience with dynamic and static analysis tools Familiarity with tools such as Git, CI/CD pipelines, Docker, Kubernetes, and experience with scripting languages such as Python Familiarity with cloud and container security solutions such as Dome 9 and Aqua Security, or similar Network, Web protocols, and encryption experience, including SSL/TLS and public key infrastructure (PKI) Strong teamwork, communication skills and attention management abilities Bachelors, Masters degree or equivalent in computer science, programming, information security or engineering preferred Financial knowledge and interest are recommended eys: Application Security, AppSec, Penetration Testing, Threat Modeling, Vulnerability, Application Security, AppSec, Penetration Testing, Threat Modeling, Vulnerability, Application Security, AppSec, Penetration Testing, Threat Modeling, Vulnerability =================================================== NOTES Highly motivated individual, strong application security experience red teams 4-8 years is target range but can keep lose Not looking for Junior person Someone who takes ownership, self starter, can be given nebulous requirements and drive to the detail, chasing people down What is definition of successful outcome here, who do I need to partner with to get there Not going to be left to do anything on their own but need to take initiative Two sets of candidates: ones that start in application security pentesting, or one who has worked in software development and switched to appsec The 2nd type of candidate ideally is what he's looking for Working closely with SDLC and understanding code Any language People who have spoken at conferences are ideal Please look for candidates with one or more of the below certs from SANS or Offensive Security like the ones below CRTO, OSWE, OSCE, OSCP, OSWP, GPEN, Also will keep it focused on NY region candidates alone. Best Regards, Anita Rani Sahoo Technical Recruiter, Vyze Inc. (An E-Verified Company), 24718 Tribe Square #306, Dulles, VA 20166 Email: [email protected] www.vyzeinc.com Disclaimer: This communication, along with any documents, files or attachments, is intended only for the use of the addressee and may contain confidential information. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of any information contained in or attached to this communication is strictly prohibited, To remove your email address permanently from future mailings, please send REMOVE to [email protected] Keywords: continuous integration continuous deployment information technology golang green card New York Virginia Urgent position : Application Security Lead ||Location :NY ||Duration : 12+ months [email protected] |
[email protected] View all |
Thu Aug 01 19:04:00 UTC 2024 |