Über
Location: Tempe, AZ Employment Status: Permanent Department: IT and Computer Job Description: This role involves responsibilities ranging from auditing code, architecture, and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advice for application hardening. The applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses, and vulnerability analysis. The candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud, and cloud-hybrid architectures. Responsibilities include: Working with application development and QA teams across multiple products to: review, evaluate, and prioritize vulnerability findings Providing SME support on secure code implementation, design, and architecture Threat-modeling & risk analysis Training Participating in providing annual OWASP & PCI training for developers Helping maintain updated Secure Coding Best Practices Common application level vulnerabilities Risk Management Findings/vulnerability prioritization Mitigation strategy Controls Evaluation review, validate, recommend, and create standards Review of open-source development libraries for security risks Web application firewall (WAF) rule development and implementation Security technologies review and recommendations Requirements: Bachelors of Computer Science or similar 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development. Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews. Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them. Solid understanding of Information Security in general and the specific behaviors that would secure TSYS information assets. Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people. Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges. Ability to work well inside and outside the team. Please be informed that at this time all the positions do not have any relocation package, or the flexibility to work remotely, and do not offer any work permit. All the candidates must have their own authorization paperwork.
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.