He/she will be in charge of: Integration of security into software development during design and development Analysis of IT systems architecture in terms of security and risk/threat modelling Contribution to the definition of the different types of security tests to be performed Supporting the development team in terms of secure development practices Supporting the infrastructure/middleware teams in terms of securization Performing security code reviews and white box penetration testing during the development sprints Automation of security testing process Coordinating with the third party vendors and internal stakeholders for the penetration and black box testing Review and assess the results of external penetration testing, and agree corrective action Supporting the development teams to reproduce issues Research and monitor current software security risk Provide software security training to the development team
SKILLS Skills & Experience: Bachelor's degree in Computer Science or the equivalent. A master's degree is a plus At least 2+ years of hands-on experience doing security code analysis or reviews At least 2+ years of hands-on experience doing penetration and vulnerabilities tests At least 2+ years of hands-on experience as a software developer Any certification around security: GSSP-JAVA, GWEB, ECSP, CSSLP, CEH, CES etc.
Plus Knowledge of Spring Security Experience of CI/CD and DevSecOps Knowledge and experience of Mobile security on Android and iOS Experience with hardening of middleware (Tomcat, Apache, NGINX, Mongo DB etc.) Contributing to open source projects or participation in hacker events Knowledge of encryption and key management Knowledge of IAM and SIEM solutions Knowledge of AS400 Awareness of security standards relevant to SaaS and experience with Cloud platforms