Сучасна диджитал-освіта для дітей — безоплатне заняття в GoITeens ×
Infopulse, частина Tietoevry Group — міжнародна IT-компанія, заснована в 1991 в Україні. Нашими цінностями є інноваційність, гнучкість, відкритість та залученість, які поділяють понад 2000 спеціалістів компанії. Infopulse має делівері центри в 5 країнах Європи та Південній Америці.
2 червня 2021

Application Security Engineer (ID:9927) (вакансія неактивна)

Київ, віддалено

Необхідні навички

• Bachelor’s or master’s in computer science or related field or equivalent experience
• 3+ years of experience in applying secure software development methods, participate in building secure application and systems
• Solid understanding of fundamental application security building blocks such as: authentication, authorization, data validation, encryption, security assurance
• Good understanding of software architectures and technologies (including web application architectures, operating systems architectures, cloud architectures, TCP/IP Stack, software development processes)
• Strong familiarity with application security concepts/standards/laws/best-practices (e.g. OWASP, CIS, NIST SP 800, ISO27000 series)
• Experience in conducting security code review, security testing, application threat modelling and security risk assessment
• A burning desire to grow in both engineering and security expertise

Буде плюсом

• Practical experience in popular commercial and opensource security testing tools usage (e.g. Acunetix, Nessus, Burp, ZAP, Kali Linux)
• Good understanding of at least two of following programming languages (i.e. ability to figure out what’s going on by looking at code snippets): C#, C++, Java, Python, JS
• Practical experience in application development, secure coding and scripting languages for automation
• Practical experience in Microsoft Cloud Security
• Practical experience in systems hardening

Обов’язки

• Participate in threat modelling and applications risk assessment
• Perform system & application security requirements review, definition and clarification
• Working closely with development teams to support of integration best security practices into their development processes
• Contribute on corporate SDLC enhancement, design and implement security controls and best practices
• Participate in investigation, development and implementation techniques for secure code reviews and security testing
• Conduct application security testing and perform secure code review.
• Participate in enhancement of SAST/DAST/IAST integration into applications CI/CD pipeline
• Participate in conducting secure development training sessions for development teams
• Stay current on security industry trends and best practices implementation
• Investigate and pilot commercial and open-source application security tools
• Participate in development corporate regulations, technical reports, presentations related to application security

Про проєкт

The security specialist will be contacting closely with our Application Development, DevOps and Production Support teams with a focus to ensure that corporate requirements and best practices are implemented in SDLC, provide information security recommendations to identify, manage, and mitigate security risks.

Гарячі Analyst вакансії

Всі Analyst вакансії