Code Security Specialist
- Buenos Aires, Argentina
We are looking for Code Security Specialist based in Buenos Aires to work on a long-term project for one of our clients, a top global consulting firm from the US.
The Code Security Specialist will play a key role in reviewing security assessment report sand providing remediation support and mitigation approval. This person will work with secure coding leads for implementing secure coding standards and work with application development teams to provide support on remediation, recommendation and mitigation plan approval.
The individual in this role should exhibit the following personal traits: strong interpersonal skills, be highly motivated, results oriented, have excellent communication and presentation skills, and be a strong team player.
This person is responsible to assist developers to perform application assessment and connect them to secure coding SME on remediation advising.
- Support application security assessment reviews
- Provide guidance to application groups on application security best practices
- Support application security assessment result reviews and mitigation plan approvals
- Support remediation effort and track open issues and follow up to ensure remediation
- Passion for application security
- 5+ years of experience in application security or application development
- Bachelor's degree in Computer Science or Engineering or equivalent evidence of aptitude
- Solid understanding of common web application technologies and languages
- Understanding of Threat modeling and attack vector analysis
- Experience in application security assessment tools such as Veracode, Fortify on demand or others
- Knowledge of the OWASP Testing Framework and OWASP Top 10
- Ability to understand security assessment report and identify false positive and security issues
- Methodical and organized; able to manage multiple opportunities, projects, and partners concurrently
- Able to multi-task and work independently with minimum supervision to meet firm deadlines
- Performs other special projects or duties as assigned
- Experience with Jenkins, VSTS, TFS, Azure and AWS
- Experience in DevOps, CI/CD, Secure LifeCycle Automation
- At least one of the following certifications: CSSLP, CISSP, CISA, CISM, SSCP, CEH
Monday, August 27, 2018