- The person will be responsible for providing advisory to development / project teams on the security aspects of the SDLC (Software Development Lifecycle).
- The person is expected to evaluate new technologies and processes to improve Application Security outcomes.
- The person is expected to guide application teams on Secure SDLC activities and contribute improvements to existing tools and processes, such as: SAST, DAST, SCA, Security requirements, Secure Code Review and Developer application security training.
Job duties and responsibilities:
- Provide advisory for development / project teams on Application Security.
- Contribute to the improvements of our existing application security tools and processes:SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), SCA (Software Composition Analysis), and secure coding guidelines.
- Provide advisory on application security tools and processes: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), SCA (Software Composition Analysis), and secure coding guidelines.
- Contribute to the improvements of Secure SDLC practices, such as Security Requirements, Secure Design and Secure Code Review.
- Bachelors degree in IT or any related discipline
- Proficient with programming & scripting languages such as: Java & Python
- Knowledge and experience in the modern software development practices (Agile, DevOps, DevSecOps)
- Knowledge and hans-on experience with DevSecOps processes and tooling, such as SAST, DAST, SCA and IAST.
- Understanding of OWASP Top 10, OWASP ASVS/MASVS
- Penetration testing experience is a plus
- Experience in Code Reviews and/or application security assessments is a plus
Interested candidates may send in their resume and cover letter directly to email@example.com
Hibah Bakhtavar | EA License No. 02C3423 | Personnel Registration No. R21103109
Hibah Bakhtavar EA License No.: 02C3423 Personnel Registration No.: R21103109