מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
What you'll do
Deep understanding of adherence of Secure Software Development Lifecycle (Secure SDL) during design, development, testing, debugging, delivery and support phase of products.
Support in external and internal audits and certifications of products (e.g., ISO 271001, SOC2 Type1/ Type 2 etc)
Basic understanding of OWASP top 10 and similar application security methodologies
Hands on experience in conducting penetration for web application, API, Webservices, mobile application and thick clients (both cloud and on prem)
Proven hands-on experience working with Static (Checkmarx & Fortify) and Dynamic Security Scan tools (Burp suite, WEB Inspect).
Experience on Open-Source Security code scan tools (e.g., WhiteSource and Blackduck)
Prior experience with Secure Programming principles in at least one programming language (Java, JavaScript’s, C++ etc) will be added advantage.
Understanding of architecture and basic development experience with SAP technologies will be an added advantage.
Expectations and Tasks
Her/His technical competencies therefore include the ability to
-Lead Security Evaluations & Estimations during the Solution Proposal phase (prior delivery).
-support the Threat Modeling Workshops and Data Protection Compliance Evaluation Workshops during the Design phase.
-perform end to end risk assessment.
-own the DPP testcases and audit the mandatory execution of these tests during the MIT phase.
-conduct of the Security Code Scans on support bug fixes and regression tests for resolution of critical Security vulnerabilities
Work closely with Solution Architects, Development Architects, Project Managers, Developers and Quality Assurance, to coordinate the delivery of secure solutions (delivery includes design, development, testing, documentation, go-live and maintenance & support activities)
Perform penetration testing for the applications.
What you bring
5-8 years of total experience in Information Security
Security certifications like CEH, Security+, CCSP, CISSP or any other security related certifications is preferable.
Good English communication skills (written and verbal)
Job Segment:Open Source, ERP, Cloud, Testing, Technology, Security
משרות נוספות שיכולות לעניין אותך