Your responsibilities include:
- Developing education and awareness of secure development practices, engaging with business stakeholders and validating the security of applications and services.
- Performing application vulnerability assessments.
- Performing secure code review across a variety of programming languages
- Automating security testing and processes as part of CI/CD.
- Identifying inherent vulnerabilities and information security risks within systems and applications.
- Performing assessments of SDLC processes
- Developing testing scripts and procedures
- Documenting and communicating security findings, risk description, risk level, and recommended solutions to stakeholders.
- Managing security incidents when required
- Documenting security policies, standards and guidelines
- Training and educating developers and teams in secure coding techniques.
You will have:
- Strong experience with web and mobile application security
- Experience with configuration management tools such as Puppet, Chef or Ansible. Any security automation experience is highly desirable.
- Strong platform experience. EG) Linux, Redhat, CentOS or similar.
- Experience/exposure with continuous integration and relevant tools such as Bamboo, Jenkins or similar.
- Proven experience with AWS and knowledge of the breath of services and their application.
- Strong understanding of Application Security, Software development practises, DevOps, Continuous Delivery, Continuous Integration, "Infrastructure as code', automation, Secure Development and related practices and ideas.