Application Product Security Engineer

Application Product Security Engineer

ABB Business Services

Hybrid

Hexjobs Insights

Stanowisko: Inżynier zabezpieczeń produktów aplikacyjnych. Obowiązki: ocena bezpieczeństwa, architektura zabezpieczeń, przegląd kodu, wdrażanie narzędzi bezpieczeństwa. Wymagania: wykształcenie, języki programowania, znajomość narzędzi i praktyk zabezpieczeń.

Schlüsselwörter

Java
C#
Python
JavaScript
application security
secure coding
SAST
DAST
security frameworks
Docker
Kubernetes

Technologies we use

About the project

Your responsibilities

  • Security Assessments: Conduct regular security assessments, including threat modeling, At-tack Surface Analysis, Critical Analysis.
  • Security Architecture: Design and implement security architecture and controls for new and existing products.
  • Code Review: Review source code for security vulnerabilities and provide actionable feedback to development teams.
  • Secure Coding Practices: Educate and advocate for secure coding practices among development teams through workshops, training sessions, and documentation.
  • Tool Implementation: Evaluate and implement application security tools (e.g., static and dynamic analysis tools) to automate security testing processes.
  • Incident Response: Assist in incident response activities related to application security breaches, including root cause analysis and remediation strategies.
  • Collaboration: Work closely with cross-functional teams, including software developers, DevOps, and IT security, to ensure security considerations are integrated into the development process.
  • Monitoring and Reporting: Monitor application security metrics and provide regular reports to management on security posture and compliance.

Our requirements

  • University degree in Computer Science or similar field.
  • Understanding of programming languages such as Java, C#, Python, or JavaScript.
  • Strong understanding of application security principles and secure coding practices.
  • Strong understanding of application security principles like network security, encryption, access management and their best practices.
  • Experience with security tools and processes such as SAST, DAST, SCA, and vulnerability scanners (e.g., SonarQube, OWASP ZAP, Nessus, Invicti).
  • Knowledge of security frameworks (e.g., OWASP Top Ten, NIST, ISO 27001), cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features.
  • Hands on experience with containerization and orchestration tools such as Docker and Kubernetes.
  • Fluency in English.
  • Certifications: Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Offensive Security Certified Professional (OSCP) are a plus.

Benefits

Aufrufe: 14
Veröffentlichtvor 27 Tagen
Läuft abin 3 Tagen
ArbeitsmodusHybrid

Ähnliche Jobs, die für Sie von Interesse sein könnten

Basierend auf "Application Product Security Engineer"

Keine Angebote gefunden, versuchen Sie, Ihre Suchkriterien zu ändern.