עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
מלאה
35,000-50,000 ₪
We are looking for a talented Application Security and Secure Software Development Lifecycle (Secure-SDLC) Expert to lead our elite security researchers team. As an Application Security Leader, you will take an active role in leading various services including penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a segmented secure system at a Fortune 500 organization or perform a threat modeling process for a critical enterprise system.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts
Escort, evaluate and improve the application security development lifecycle of our customers, including Secure-SDLC gap analysis, threat modeling and other related activities
Improve secure coding and Secure-SDLC practices, application security requirements, automation, training, and metrics
Lead the internal Secure-SDLC process of the R&D department in
Identify, communicate, and drive the resolution of vulnerabilities as an application security domain expert
Research and advocate for new application security solutions and technologies
Continue to drive security evaluation earlier in the cycles through iterative security testing
Requirements:
5+ years of experience in Application Security including penetration testing, deep understanding of major Application Security attacks, vulnerabilities, and mitigations including XSS, CSRF, SQL Injection, Deserialization, RCE, etc.
Experienced with Secure-SDLC methodologies and standards such as Microsoft SDL, OWASP SAMM, and OWASP ASVS
Experienced with threat analysis processes
Experienced with web & mobile application security, API analysis, and unique client/ server architectures
Experienced in code auditing and best practices
Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
Managerial experience
Relevant certifications such as CEH and EWPTX an advantage
Hand-on proven experience in software development or familiarity with a vast range of high-level programming languages (Java, JS, Python, etc.) an advantage
Familiarity with cloud environments an advantage
5+ years of experience in Application Security including penetration testing, deep understanding of major Application Security attacks, vulnerabilities, and mitigations including XSS, CSRF, SQL Injection, Deserialization, RCE, etc.
Experienced with Secure-SDLC methodologies and standards such as Microsoft SDL, OWASP SAMM, and OWASP ASVS
Experienced with threat analysis processes
Experienced with web & mobile application security, API analysis, and unique client/ server architectures
Experienced in code auditing and best practices
Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
Managerial experience
Relevant certifications such as CEH and EWPTX an advantage
Hand-on proven experience in software development or familiarity with a vast range of high-level programming languages (Java, JS, Python, etc.) an advantage
Familiarity with cloud environments an advantage
This position is open to all candidates.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
תל אביב - יפו
