Informacje o stanowisku
Key Responsibilities:
- Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used.
- Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications.
- Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices.
- Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities.
- Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development.
- Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle.
- Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies.
- Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization.
Technical Skills:
- Experience: 5+ years of experience in application security or a related field, with at least 2 years in a senior or lead role.
- Proficiency in security assessment tools and scanners (e.g., BlackDuck, Nexus IQ, OWASP ZAP, Fortify, Sonarqube).
- In-depth knowledge of secure coding practices and security standards (e.g., OWASP, NIST).
- Experience with programming languages (e.g., Python, Java, .NET) and scripting.
- Familiarity with DevSecOps practices and tools (e.g., Jenkins, Docker, Kubernetes, CI/CD pipelines).
- Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GWAPT are highly desirable.
Key Responsibilities:
- Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used.
- Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications.
- Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices.
- Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities.
- Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development.
- Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle.
- Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies.
- Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization.
,[ Requirements: Python, BlackDuck, Nexus IQ, OWASP, ZAP, Fortify, SonarQube, NIST, Docker, Kubernetes, CI/CD Tools: Jira, Agile, Scrum. Additionally: Sport subscription, Training budget, Small teams, Private healthcare, International projects.
Praca WrocławChief security officer WrocławWrocław - Oferty pracy w okolicznych lokalizacjach
