Tuesday, May 30, 2017

Job: Application Security Engineer at Workfront Armenia Company

Location: 1 Hyusisayin Avenue, Yerevan, Armenia

Category: Software development

Type: Full time

Deadline: 26-Jun-17 00:00:00

Salary:

Description

Responsibilities

  • Identify risks and areas of exposure in applications developed
  • Perform security reviews of source code, stored procedures, and server/service configurations.
  • Define and document application security requirements for applications.
  • Oversee development of security components throughout all stages of the SDLC.
  • Perform manual and automated security testing of Workfront applications.
  • Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.
  • Educate developers on secure coding techniques and security best practices.
  • Participate in development of security policies, standards, and processes.
  • Participate in incident handling and perform application-related forensics activities.Reviewing design documents and threat model risks
  • Use  application security testing tools (BurpSuite, Zap, Sqlmap etc)
  • Communicate with development and business owners about risk
  • Develop and maintain vendor application security assessment process
  • Evangelize business risk to company
  • Manage 3rd party pentests/bug bounty

RequiredQualifications

  • 5+ years combined of software development or application security experience
  • Understand Privacy by Design concepts
  • Has worked in a SaaS/Cloud environment
  • Knowledge in least one of the following programming languages: JavaScript, Java, Python, Swift, PHP, .Net
  • Knowledge and understanding of OWASP Top 10
  • Ability to integrate tools into processes using APIs
  • Must be able to write scripts to automate work (Python, Bash, etc)
  • Be able to identify root cause of application vulnerabilities and provide remediation procedures
  • Knowledge in some of the following: Docker, Splunk, SaltStack, Git, AWS, Netsparker, CheckMarx
  • Familiarity with development processes such as Agile or Scrum
  • Experience with one or more of the following technologies: MySQL, MSSQL, SQLite, MongoDB, Oracle
  • Pertinent certifications for secure development/web application penetration testing : GIAC GWAPT/GWEB/GPEN/ GMOB/GSSP-[Java|.NET] , EMAPT, EWDP, EWPT, EWPTX

Benefits

Job URL: iJob.am - Application Security Engineer @ Workfront Armenia

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)