Application Security Manager

You will be responsible for discovering, reporting and managing the remediation of security vulnerabilities found in the software the company develops and its infrastructure (in the datacenter, cloud-based workloads, workstations, network equipment). You will perform technical security assessments, code reviews and security testing to highlight risk and help engineering teams improve the overall security posture of our platform and infrastructure. You will perform security hardening on workstations, servers, network and other equipment, as per the company’s Information Security Program and Policies.

Duties and Responsibilities

  • Conducting regular security assessments and code reviews and reports on them
  • Develop and improve Peg B Automations to detect security issues and monitor their ongoing remediation, including over-time improvement KPIs
  • Providing security guidance on a constant stream of new products and technologies
  • Develop threat models and test plans for new and existing platform components
  • Create tools to help test and monitor system security posture and develop automation and processes to identify security flaws in code
  • Develop system design and coding best practices for engineering teams
  • Perform application penetration tests to identify vulnerabilities, working closely with developers, and implementing security solutions that scale
  • Perform code reviews and remediation on identified issues
  • Enable and monitor centralized logging for all log sources which provide valuable security information in the event of an incident and when threat hunting
  • Participate in digital forensics and incident response in the event of a security incident

Qualification

  • BA/BS in Computer Science or a related field, or equivalent experience
  • OSCP (Offensive Security Certified Professional) certified or Pen tester is preferred
  • Other technical security certifications or academic background a plus

Knowledge and experience

  • Application and WEB security testing experience
  • Programing knowledge in Erlang, Scala and at least 2 more languages (C/C++, Go, Python, Ruby, Java, PHP, Perl, others)
  • Good knowledge on IT and Information Security
  • Exposure to Windows, OSX and Linux operating systems
  • Familiarity with Network and Application vulnerability tools
  • Strong debugging skills. Ability to spot design flaws, race conditions, performance bottlenecks in complex architectures and simple misconfigurations
  • Experience testing Restful APIs
  • Familiarity with secure coding best practice
  • You're a clear thinker and efficient communicator

Added Advantage

  • Familiar with tools such as: SIEM, WAF, IDS, vulnerability scanners, etc.
  • Familiar with PCI compliance standards
  • Quickly learn new technology stacks, programming languages and frameworks


Apply for this Position


Attach

Attach