
Application Product Security Engineer
ABB Business Services
Kraków
Kraków, Lesser Poland
Hybrid
Java
C#
Python
JavaScript
application security
secure coding
SAST
DAST
security frameworks
Docker
Kubernetes
Hexjobs Insights
Position: Application Product Security Engineer. Responsibilities: security assessment, security architecture, code review, deployment of security tools. Requirements: education, programming languages, knowledge of security tools and practices.
Your responsibilities
- Security Assessments: Conduct regular security assessments, including threat modeling, Attack Surface Analysis, Critical Analysis.
- Security Architecture: Design and implement security architecture and controls for new and existing products.
- Code Review: Review source code for security vulnerabilities and provide actionable feedback to development teams.
- Secure Coding Practices: Educate and advocate for secure coding practices among development teams through workshops, training sessions, and documentation.
- Tool Implementation: Evaluate and implement application security tools (e.g., static and dynamic analysis tools) to automate security testing processes.
- Incident Response: Assist in incident response activities related to application security breaches, including root cause analysis and remediation strategies.
- Collaboration: Work closely with cross-functional teams, including software developers, DevOps, and IT security, to ensure security considerations are integrated into the development process.
- Monitoring and Reporting: Monitor application security metrics and provide regular reports to management on security posture and compliance.
Our requirements
- University degree in Computer Science or similar field.
- Understanding of programming languages such as Java, C#, Python, or JavaScript.
- Strong understanding of application security principles and secure coding practices.
- Strong understanding of application security principles like network security, encryption, access management and their best practices.
- Experience with security tools and processes such as SAST, DAST, SCA, and vulnerability scanners (e.g., SonarQube, OWASP ZAP, Nessus, Invicti).
- Knowledge of security frameworks (e.g., OWASP Top Ten, NIST, ISO 27001), cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features.
- Hands-on experience with containerization and orchestration tools such as Docker and Kubernetes.
- Fluency in English.
- Certifications: Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Offensive Security Certified Professional (OSCP) are a plus.
| Published | 27 days ago |
| Expires | in 3 days |
| Work mode | Hybrid |
| Source |