Application Security Engineer @ AVENGA (práce v Polsku)

Application Security Engineer @ AVENGA

Polsko

Requirements:

• Educational Background: Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
  
• Experience: 5+ years of experience in application security or a related field, with at least 2 years in a senior or lead role.
  
  

• Technical Skills:
  o Proficiency in security assessment tools and scanners (e.g., BlackDuck, Nexus IQ, OWASP ZAP, Fortify, Sonarqube).
  o In-depth knowledge of secure coding practices and security standards (e.g., OWASP, NIST).
  o Experience with programming languages (e.g., Python, Java, .NET) and scripting.
  o Familiarity with DevSecOps practices and tools (e.g., Jenkins, Docker, Kubernetes, CI/CD pipelines).
  
• Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GWAPT are highly desirable.
  
  

• Soft Skills:
  o Excellent communication and interpersonal skills.
  o Strong problem-solving and analytical abilities.
  o Ability to work collaboratively in a cross-functional team environment.
  Mindset: Proactive, self-motivated, and passionate about staying current with the latest trends and threats in cybersecurity

The ideal Senior Application Security Engineer is a seasoned professional with a comprehensive understanding of secure software development practices, including threat modeling, code reviews, and vulnerability management. They are well-versed in current security tools, technologies, and best practices. The candidate should possess a proactive approach to security, staying up-to-date with the latest threats and trends in cybersecurity. They should be comfortable working in a fast-paced environment, collaborating with cross-functional teams, and communicating complex security concepts to both technical and non-technical stakeholders. Strong analytical skills, attention to detail, and a passion for continuous learning and improvement are key attributes of the perfect candidate.

,[Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used., Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications., Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices., Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities., Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development., Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle., Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies., Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization.] Requirements: Security, Cybersecurity, Analytical skills, OWASP, SonarQube, NIST, Python, Java, .NET, Jenkins, Docker, Kubernetes, CI/CD Pipelines, CISSP, OSCP Tools: . Additionally: Sport subscription, Training budget, Private healthcare, International projects, Cafeteria system, Integration events, Insurance, Friendly atmosphere, Free coffee, Canteen, Bike parking, Free beverages, Modern office, Free parking, No dress code.

Kategorie

security

Odpovědět na inzerát

Zajímavé nabídky práce v okolí:

Podívejte se na další nabídky práce