About the Client
Our client is international company providing retirement services, insurance, investments and banking products
About the Role
The CoE for Web Security supports services for the Secure SDLC. Specialist is responsible for performing SCR and DS using manual and automatic tools. Maintain/design guidelines for secure web application infra architecture, settings and assesment. Knowledgeshare of infrastructure securty to infra egeneers. Consultancy on Web Application infrastructural settings.
- Planning and execution of dynamic and static security reviews of web applications according to the OWASP ASVS standard.
- Planning and execution of dynamic and static security reviews of mobile applications according to the OWASP ASVS standard.
- Knowledge transfer to (Web) application developers and infra engineers
- Acquire secure coding libraries and implement test tools (static & dynamic) for the CoE clients
- Improve the security posture by own research, tool development and training.
- Participation on the rest of the services dilevered by CoE
- Experience with programming and developing the web applications. (.Net, Java, PEGA, Python, shell scripting, Objective-C, )
- Experience with application penetration testing according to the OWASP ASVS standard
- IT administrator skills (unix, linux, win, dns, vpn, firewalls)
- Strong interpersonal and communication skills
- Ability to transfer knowledge to software designers, developers and infra engineers
- Ability to write guidelines
- Ability to absorb a new techniques for protecting web applications
- English - advanced level (B2)
Nice to Have Skills