Responsibilities:

Application Security:
• Deploy and operate application security capabilities, solutions and requirements consistently across the region.
• Systematically identify and document application-level vulnerabilities.
• Communicate identified vulnerabilities and recommended mitigation strategies.
• Coordinate with the markets and monitor remediation activities.
• Provide guidance and recommendations for remediating application vulnerabilities.
• Track and report on remediation status.
• Facilitate and deliver targeted application security training.

Secure Profiling Service:
• Identify and document threats using STRIDE and other DFS techniques for critical applications.
• Provide recommendations for the identified threats.
• Coordinate and maintain the list of remediation activities.

Education
• Bachelor’s degree in Computer Science, Information Systems, Engineering, Information Security, Cybersecurity or a related field is required.

Experience
• Minimum of 5 years of relevant work experience in cybersecurity architecture and engineering.
• Experience with a wide variety of Threat Modelling tools and other tools to include:
  o Microsoft Threat Modelling Tool
  o RedSeal
  o CheckMarx
  o Burp Suite
  o ThreatModeler
  o IriusRisk
  o securiCAD
• Experience in developing and implementing countermeasures to identified application security risks.
• Experience interacting with development teams to articulate security requirements and processes while collaborating on architecture and engineering design options, implementation, testing and user acceptance.
• Experienced in Threat Modelling including creation of Data Flow Diagrams.
• Experience identifying, evaluating and managing risk in a complex and changing environment.

Requirements/Knowledge
• Must have knowledge of interpreting and managing architectural blueprints for Datacenter and Cloud (IaaS, PaaS, SaaS etc.).
• Advanced ability to identify security vulnerabilities from source code reviews and application and infrastructure testing.
• Highly proficient in the configuration and deployment of applications in complex environments.
• Working knowledge of NIST, Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM).
• Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• At least one of the following certifications is required: CISSP, CSSLP, or ISSAP.