Security Tester Need 10+ Years Profile at Remote, Remote, USA
From: Patricia, W3Global

This position is composed of a variety of activities, including very tactical, operational and strategic activities in the build and support of the ISM program.

Strategic Support and Management

- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure risk is mitigated across all the products/projects.
- Develop, maintain and publish up-to-date information security processes, standards and guidelines for the software products.
- Implement controls to ensure contractual obligations and security requirements are met.
- Oversee the approval, training, and implementation of security practices and standards.
- Design, plan and strategize security scanning, and ensure that proper tests/scans are executed. Discuss and walk the dev team through the results and prioritization of the findings.
- Work directly with the GCOM security and project teams to facilitate IT risk assessment and risk management processes, and work with stakeholders across GCOM products on identifying acceptable residual risk.
- Provide regular reporting on the current status and progress of the information security program.
- Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
- Liaise with the architecture/dev team to ensure alignment between security and architecture/infrastructure/development.
- Ensure that security programs comply with relevant laws, regulations, contract requirements and policies to minimize or eliminate risk and audit findings.
- Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Help to develop and oversee effective compensation controls.
- Coordinate the development and execution of security test scanning. Provide direction, support and in-house consulting in these areas.

- Experience with Fortify.io: The ideal candidate should have experience with Fortify.io and a deep understanding of how to run security scans using this tool.
- Familiarity with programming languages: The candidate should have experience with programming languages such as Java, C++, C#, and Python, as these are the languages that Fortify.io supports.
- Knowledge of OWASP Top 10: The candidate should have a solid understanding of the OWASP Top 10 web application security risks and how to mitigate them.
- Understanding of security testing methodologies: The candidate should be well-versed in security testing methodologies, Product testing

Keywords: cplusplus csharp information technology
Tue Jun 20 04:05:00 UTC 2023