A very successful global hi-tech company, cloud/SaaS based, which is also growing these days, is looking for a CISO/Director of Information Security.
In this role you will lead a team of 6-8 people including Appsec/product security, IT security and SOC/IR.
Specific responsibilities will include:
– Develop and implement a comprehensive security strategy and roadmap to protect the company’s assets, employees, and customers.
– Build a secure cloud and Kubernetes environment
– Security training for developers and the organization
– Work with DevOps and Developers to improve the security culture and areas needing improvement
– Provide monitoring points to help improve SOC operations and logging/alerting
You should bring:
– 8+ years of relevant experience in creating enterprise information and product security, and overseeing their implementation.
– 3+ years in managing security groups
– Strong experience in working with application security methodologies, frameworks, and tools including OWASP Top 10 and OWASP Application Security Verification Standard.
– Strong experience in designing and implementing security operations in a fully cloud-based environment.

A global company that is doing GOOD for the world – this position is responsible for identifying, documenting, and evangelizing product security requirements in a portfolio of digital applications, services, and devices across the divisions and enabling functions, for both internal products and those delivered to customers and partners.
Key tasks & responsibilities
– Partner with development teams to proactively evangelize and communicate product security requirements, review designs, and promote control frameworks to ensure security goals are met
– Drive security program and project execution across multiple security teams, engineering, product, and science in situations where authority is not a given
– Liaise with centralized and decentralized tooling teams in building development environments and deployment pipelines ensuring appropriate lifecycle security of the SDLC and SSDLC
– Partner with development and operations teams to help build a measurements and metrics program that provides insight into function performance
– Explain technical positions/risks to business leaders, and business positions/risk to technical leaders to achieve appropriate security outcomes
Qualifications & competencies
– 5+ years of experience in solving challenging technical problems in two or more of the following areas: product development, product security, application security, information security or digital platform security
– Applied knowledge and/or experience with application development and related security integration
– Applied knowledge and experience designing, implementing, measuring, and operating security software development techniques and toolsets

A boutique consulting company is looking for a PT/Application Security Engineer.
Role Description:
– Conduct manual security assessments against web applications and APIs.
– Provide guidance on prioritization and remediation of security issues.
– Provide guidance on secure SDLC implementation.
– Assess the risks of new initiatives and features.
Requirements:
– 2+ years of relevant experience
– Experience with application security and hands-on penetration testing
– Experience in application development with at least one modern programming language – advantage
– Experience performing code reviews – advantage