ITGeek logo

itgeek.vnbeta

The best job search engine for the IT community

Thương lượng

Product Security Specialist

Times City, Hanoi

ONE MOUNT GROUPCompany name
500-1000 nhân viênCompany size
Software/ProductJob category
3+ yearsExperienced level
1 tháng trướcUpdated

Tech stack

QA/Testregular
Goregular
Javaregular
Pythonregular
Mobileregular

Thông tin công việc

Mô tả

Role Description:

Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new products meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

Reporting Line:

Head of Product Security

Responsibilities:

  • Provide subject matter expertise on secure architecture, design and coding practices based on current knowledge of security threats and vulnerabilities that could impact the technology stack.

  • Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application and data to align with application security maturity model and adopt a shift-left approach for security.

  • Evaluate various application security tools including SAST, DAST, SCA, IAST and Pen Testing and operationalize security tools for integration with CI/CD.

  • Perform application testing and review security test results from scans and penetration testing to identify viable vulnerabilities that may be exploited and propose remediation solutions or mitigation controls.

  • Develop security controls and processes for products and services developed and deployed for cloud environments.

  • Perform threat modeling, conduct security architecture reviews and provide training to architects and developers to enhance adoption of secure coding practice within the product development lifecycle.

  • Provide security related coaching and expertise to drive and elevate security expertise within the development teams.

  • Lead security innovation and best practices in product development through collaboration and learning from industry professionals and consortiums

Yêu cầu

Qualification and Education Requirements:

  • Bachelor’s Degree in Information Security Technology or the equivalent combination of education, training or experience

  • 3+ years experience in Software security testing, Penetration testing, Vulnerability, review code, information assurance, incident handling, vulnerability management and vulnerability analysis, and assistance programs, security risk, threat management, security network architecture

  • Expert knowledge in security best practices, principles and common security frameworks such as OWASP, BSIMM, NIST and ISO

  • Experience building secure software based on frameworks such OWASP, BSIMM and SANS

  • Experience in software development including Java, Golang, Python, and scripting languages

  • Knowledge of secure architecture and design patterns for Web, Mobile and Microservices

  • Knowledge of current and emerging threats and techniques for exploiting security vulnerabilities

  • Experience securing cloud infrastructure and applications

  • Experience with methodologies and security testing tools for threat analysis of complex applications and services including threat modeling, software fuzzing, static and dynamic analysis and penetration testing.

  • Advanced organizational, planning and time management skills

  • Advanced communication, presentation and analytical skills

Individual Skills:

  • Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

  • Ability to interpret and understand complex and rapidly evolving concepts.

  • Ability to think critically.

  • Ability to think like threat actors.

Thông tin khác

  • 13th salary, rewards for achievements, initiatives and good deeds

  • Annual leave: 15 – 20 working days/year and Other leaves/public holidays

  • Providing customized training courses according to business needs and upon your request

Nơi làm việc

  • Tower 2 Times City, 458 Minh Khai, Hai Bà Trưng, Hà Nội
Chú ý: Toàn bộ thông tin đăng tải thuộc quyền sở hữu của ONE MOUNT GROUP. Chúng tôi chỉ đang cố gắng đưa thông tin nhanh nhất và chính xác nhất tới các bạn. Trường hợp phát hiện có nội dung không chính xác, các bạn có thể thông báo bằng cách liên lạc với chúng tôi qua cửa sổ liên lạc phía dưới-góc phải màn hình.

Thông tin công ty

Loading...

Danh sách công việc đã đăng tuyển