Job Description
- Participate in implementing Secure Software Development Life Cycle (SDLC), produce security solutions and security test reports, provide advice in patching vulnerabilities, and follow up with risk mitigation
- Embed security principles into the design of system architectures to mitigate the risks posed by new technologies and business practices
- Produce artifacts, spanning design, development, and implementation, for enterprise systems that describe security principles and how they relate to the overall enterprise system architecture
- Evaluate the risk points of common application frameworks and develop security solutions to provide security support for each business line
Requirements
- Bachelor’s degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, or other related fields
- Minimum 3 years of work experience in cybersecurity-related positions
- Experience implementing enterprise SDLC processes and building secure SDLC for companies
- Familiar with OWASP Top 10 vulnerabilities, with a deep understanding of the principles, exploitation, patching, and hardening of various vulnerabilities
- Familiar with black box testing methods and paths, and able to independently complete source code auditing work
- Understanding of common business logic vulnerabilities such as authentication flaws, privilege escalation (ultra vires), and tampering
Preferred Experience
- Has been in charge of secure SDLC for a large dev team
- Credited with high-risk CVEs in well-known projects
- Contributions to the development of open-source projects
- Experience with collaborative team development and familiarity with development tools