140k - 200k
AS - 456
about 1 year ago
- Threat modeling application features and production environments.
- Break applications and prevent them from being broken.
- Security testing (black-box, gray-box) and code review of cloud and mobile products, APIs, internal automation, AUTH, and internal applications.
- Definition of Application Security policies, procedures and reporting metrics.
- Participate in incident handling and response.
- Security partnership with data, development, security and engineering teams.
- Security research, presentations, publications, and security industry collaboration.
- Guidance and architecture oversight, design reviews, and security feature roadmap collaboration.
- S. / M.S. in Computer Science, Electrical Engineering and/or 5+ years of related experience.
- Experience with agile software development processes and methodologies.
- Working knowledge of source code repositories.
- Experience developing, deploying, and securing applications in Azure or AWS.
- Experience with Azure or AWS Development and CI/CD tooling (Visual Studio, Azure DevOps)
- Deep working knowledge of modern authentication and authorization protocols(OAuth, OpenID Connect, SAML)
- Knowledge of real world, applied crypto techniques
- Experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10 and CWE/SANS Top 25