Role purpose
Enable the Group to operate and expand an Application Security Programme and reduce application-level vulnerabilities.
Key Responsibilities
- Enable teams to consume Application Security offerings
- Review scan results to eliminate false positives
- Work closely with software product teams to advise them on identified vulnerabilities and mitigation plans
- Contribute to the Application Security education programme
- Automate recurrent tasks and embed security best practices into Agile and DevOps processes
- Contribute to technical and non-technical documentation to drive and ensure the team’s success
- Evangelise Application Security as an enabler
- Contribute to secure coding best practices
- Hands-on experience in enterprise scale implementations of automated Application Security Testing (SAST, SCA, IAST, etc)
- Knowledgeable in CI/CD practices as well as tools that implement them
- Ability to review application security testing findings and provide remediation guidance
- Deep understanding of common as well as emerging vulnerabilities and how they manifest in different types of applications (web applications, thick clients, APIs, etc)
- Familiarity with OWASP Top 10, SANS Top 25, NIST and ASVS
- Familiarity with popular development languages such as Java
- Ability to work independently on the task at hand
- Ability to work well under pressure
- Stakeholder (technical) relationship management
- Critical thinker
- Practical application of lessons learned into the team’s practices
- Excellent verbal and written communication and presentation skills, with ability to convey technical concepts to non-technical audiences