Application Security Expert

Description

monday.com is looking for an application security expert to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. You’ll join our Application Security Team based in our headquarters, Tel Aviv, Israel.

About The Role

• Provide guidance on security best practices and compliance and undertake security testing
• Identify Application security risks and requirements for new projects and system developments
• Sign-off on application security prior to live implementation
• Collaborate with the architecture and development teams to review the design and code for security vulnerabilities
• Embed/improve security threat modeling and secure coding in the development lifecycle
• Provide technical specialist advice to ensure that security standards are understood and can be complied with
• Develop security testing plans and integrate into the software development lifecycle
• Perform and oversee security testing and manage remediation of identified vulnerabilities
• End-to-end work on reported vulnerabilities as part of the bug bounty program
• Take part in the security incident response team
• Monitor and proactively report on current threats and vulnerabilities to application security
• Prepare and monitor application security metrics and KPIs
• Initiate and automate processes for detecting and monitoring the platform security and integrate security tools into the S-SDLC
  
  

• At least 3 years of experience in software engineering.
• At least 2 years of experience in application security.
• In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
• Team player able to build relationships across the organization.
• In-depth understanding of secure web application development.
• Experience in web application and Agile development methodologies.
• Comprehensive knowledge of IT and information security subject matter.
• Exposure to methods of promoting security awareness.
• Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.
• Anticipates problems and identifies long-term implications of decisions and actions.
• Ability to work and learn alone.
• Able to prioritize workload and drive work to set deadlines.
• Experience working with the hacker/pen-testing community.