Your role in a nutshell:
The Application Security Specialist provides expertise to inform and validate the secure design and development of IT applications including changes to existing applications.
The position will be a part of the Cyber Security team responsible for security.
A day in the life:
- Ensure that application security is an embedded and critical part of the software delivery lifecycle (including during the early stages of projects) regardless of delivery methodology and tool sets used (e.g. static code analysis)
- Train and educate developers and teams in secure coding techniques including use of supporting toolsets and enable them to self service
- Perform application vulnerability assessments including regular scanning and penetration testing activities. This includes but is not limited to managing PCI-DSS quarterly ASV scanning and wireless network security scanning
- Perform secure code review across a variety of programming languages
- Help tune Web Application Firewalls (WAF) and modify WAF policy to virtually patch applications where required
- Develop functional security testing scripts and procedures and identify opportunities to automate security testing and processes
- Identify inherent vulnerabilities and information security risks within systems and applications
Your background, skills, and experience:
- Experience with web and mobile application security
- Strong understanding of OWASP top 10 and similar application security methodologies
- Strong understanding of cryptography and SSL certifcate lifecycle management
- Experience with security tools including static code analysis and vulnerability scanning
- Platform experience. E.g. Linux, Redhat, CentOS or similar
- Experience with agile software development practices and methodologies
- Comprehensive Web Application Firewall, F5 ASM & iRule experience.
- Any security configuration and/or automation experience is highly desirable
What next?
Apply Now with your CV in WORD format
