Job Description

: Participate in implementing Secure Software Development Life Cycle (SDLC), produce security solutions and security test reports, provide advice in patching vulnerabilities, and follow up with risk mitigation Evaluate the risk points of common application frameworks and develop security solutions to provide security support for each business line Embed security principles into the design of system architectures to mitigate the risks posed by new technologies and business practices Design artifacts, spanning design, development and implementation, into enterprise systems that describe security principles and how they relate to the overall enterprise system architecture Perform routine activities related to the periodic review and audit activities of infrastructure security systems Requirements: Bachelor\'s degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, or other related fields Minimum 3 years of work experience in cybersecurity-related positions Familiar with OWASP TOP 10 vulnerabilities, and have a deep understanding of the principle, utilization, patching and reinforcement of various vulnerabilities Familiar with the enterprise\'s SDLC process implementation, building secure SDLC for IT companies, and have been in-charge of secure SDLC for a large dev team Familiar with black box testing methods and paths, and able to independently complete source code auditing work Hands-on experience in security design checklist Familiar with at least one programming language such as Java, Python, PHP, Go, C, etc, and proficient in reading design documents and related codes Preferred Experience Having been credited to high-risk CVEs for well-known projects Having contributed to the development of open-source projects. Experience working in team collaborative development and familiar with development tools Fluent English communication skills for effective collaboration with multinational teams

foundit