Forum

Application Security Specialist

One of the most recognised and longest running gaming companies on the market with office based in the UK, Europe and further afield now have the urgent need to recruit an Application Security Specialist to join their Gibraltar office.

Scope:

•Provides application security services including secure coding techniques and reviews, education & awareness, process and tools, security testing support and guidance for internal software development projects.

•To provide guidance on security best practice and compliance, and undertake security testing.

•To ensure awareness of and enforce policies, procedures and practices relating to the confidentiality, integrity and availability of information.

•Information security consultancy and controls monitoring.

Accountabilities:

•Identify application security risks and requirements for new projects and system developments.

•Sign-off on application security prior to live implementation

•Work with the architecture and development teams to review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle

•Provide technical specialist advice to ensure that security standards are understood and can be complied with.•Work with 3rd party suppliers to promote secure design and security testing.

•Develop security testing plans and integrate into the software development lifecycle.

•Perform/oversee security testing and manage remediation of identified vulnerabilities

•Monitor and proactively report on current threats and vulnerabilities to application security.

•Support the Head of IS Security and Online Executive management in the promotion of information security best practise and embedding information security within the programme streams.

•Prepare and monitor operational security metrics and trends.

Experience and Skills Required:

•In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.

•In depth understanding of secure web application development, Java, Java development frameworks, PHP, web services and SOAP.

•Experience of web application and Agile development methodologies.

•Understanding of Apache web server and unix server operating systems.

•Comprehensive knowledge of IT and information security subject matter.

•Knowledge of security policies and standards and such as PCI-DSS and ISO 17799, 27001.

•Knowledge of technical security architectural principles.

•Able to prioritise workload and drive work to set deadlines.

•Exposure to methods of promoting security awareness.

•Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.

•Anticipates problems and identifies long-term implications of decisions and actions.

•Ability to work alone and build relationships across the organisation.

Desirable:

•Security certifications – CISSP, CISA, CISM.

•Technical certifications, e.g. GIAC ethical hacker, GIAC Certified Web Application Defender, GIAC Web Application Penetration Tester

•ITIL certification or experience of working within an ITIL-oriented organisation.

•Security project management experience.

•Education to degree-level

 

for more details:
Blockchain Application Examples

 

Thanks!

You need to be a member of OWASP to add comments!

Join OWASP

Email me when people reply –