We are looking for an Penetration tester / Information Security Analyst, who enjoys security work and possesses some expertise in the information security and data privacy space, to be part of currently expanding Information Security, Privacy & Compliance initiatives within Information Security & Data Privacy Office.
This is a great opportunity for developing a high level career. The candidates will work in a highly motivating environment, which encourages team spirit, cooperation and continuous learning, as a member of a very competent team.
The Application Security Analyst helps improve and maintain the Omilia application security program by serving and providing experienced guidance pertaining to secure software development, design and testing. The resource will partner with DevOps, Engineering and Delivery teams to educate, evangelise, and validate secure development practices.
The right candidate should have experience with secure software development design principles and secure testing is required for this position:
• Perform security activities, including security design reviews, threat modeling, code auditing on internally & externally developed software
• Govern automated secure coding tools and processes (SAST, DAST)
• Provide Application Security guidance and training to developers and testers for building resilient products
• Perform penetration testing against web applications and hosting infrastructure
• Produce security reports pertaining to vulnerability metrics found in testing efforts
• Operate as incident responder for triage pertaining to web-based vulnerabilities
• Manage 3rd-party security assessments for applications and infrastructure
• Leverage experience and understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST)
• Build, maintain, and enforce application security development policies, procedures & standards
• Continuously improve program influence of modern application security principles in an Agile methodology
The Application Security Analyst background should include:
• A minimum of 3 years of experience working in a Software Engineering role
• A minimum of 2 years of experience working in Static and Dynamic Code Analysis and Software Vulnerability Assessment
- Building successful cutting-edge technology products that are making a global impact in the service industry
- Work From Home policy applicable
- Proficient and fun-to-work-with colleagues
- Long-term employment
- Apple gear