This position covers the common essential application security (AppSec) functions in a large enterprise that develops its applications in-house, including application vulnerability management programs, CI/CD AppSec tools (SCA, SAST, DAST, IAST), and overall making sure that we develop secure code from the very start.
Tasks and Responsibilities Description:
•Design and implementation of application security vulnerability management processes (considering the different phases of the application lifecycle);
•Help the product team to design the product with a security-first approach;
•Facilitate the integration of security tools with the development pipeline making them self-service for the engineering teams;
•Support and consult with product and development teams in the area of application security;
•Assist in creation of security training;
•Assist in development of automated security testing to validate that secure coding best practices are being used.
Profile Description:
•Strong familiarity with common security libraries, security controls, and common security flaws;
•Knowledge of web application security principles and hands-on work with the OWASP Top 10, the OWASP ASVS or the CWE Top 25;
•Working with a Secure Development Lifecycle model (e.g. OpenSAMM, BSIMM);
•Working within the context of an Information Security framework (e.g. ISO 27001, SOC 2, PCI DSS);
•Experience working with developers;
•Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner;
•Creating and maintaining appropriate documentation;
•English (advanced).
If you meet these requirements and are interested in joining an audacious and innovative company, please send us a copy of your CV to [email protected], including the job reference IJ_006__1_23_5376. Please check www.noesis.pt to see all opportunities we currently have open, or feel free to send us a spontaneous application. Join us. Let’s innovate together!