Security Architect - Cloud Infrastructure
Pylon Management Consulting
Bangalo
há 5 dias
source : hirist.com

Job Description :

  • Maintain awareness of the current security threat landscape
  • Perform hands-on source code review as well as static and dynamic program analysis, auditing results and offering plans for vulnerability remediation and / or mitigation
  • Work with development and project teams to promote and ensure the use of secure coding practices
  • Utilize knowledge and understanding of application architecture, design, development and secure coding principles and emerging standards to identify findings and clearly communicate risks and possible remediation
  • Hands-on experience in source code review, threat modeling and application penetration testing
  • Experience in application development and knowledge of programming / scripting languages i.e. C#, Java, JavaScript, SQL, Python etc.
  • Knowledge of secure software development methodologies and tools for static and dynamic application analysis.
  • Provide guidance to developers on recommended controls and counter measures.
  • Qualifications :

  • Knowledge of common and emerging security risks, such as OWASP Top 10, SANS Tops 25.
  • Ability to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2 and CWE 25 to any audience, and discuss effective defensive techniques.
  • Experience in application development and knowledge of programming / scripting languages i.e. C#, Java, JavaScript, SQL, Python etc.
  • Moderate (to Expert) hands-on knowledge of various cloud technologies (Azure preferred)

  • Hands-on experience in source code review, threat modeling and application security testing.
  • Experience with DevOps foundational knowledge.
  • Experience with waterfall and agile development processes and experience integrating security practices into both models.
  • Knowledge of secure software development methodologies and tools for static and dynamic application analysis.
  • Experience with cloud-based Infrastructure-as-Code (IaC).
  • Preferred to have GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Web Application Defender (GWEB), Certified Information System Security Professional (CISSP) or equivalent certification
  • Strong verbal / written communication, with ability to effectively interact with individuals at all levels.
  • Must be able to prioritize, delegate and foster the development of high-performance teams to lead / support an environment driven by customer service and teamwork.
  • Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously.
  • ref : hirist.com)

    Reportar esta oferta de trabalho
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Candidatar
    Meu email
    Ao clicar em "Continuar", você concorda que a neuvoo coleta e processa seus dados pessoais, que você forneceu neste formulário, para criar uma conta neuvoo e assinar nossos alertas por e-mail, de acordo com nossa Política de Privacidade . Você pode retirar seu consentimento a qualquer momento, seguindo estas etapas .
    Continuar
    Formulário de candidatura