Application Security and Secure-SDLC Expert
Herzliya, Israel
CYE
CYE's optimized cyber risk management helps you gain visibility, quantify cyber risk, prioritize mitigation, and effectively communicate with stakeholders.
CYE is looking for a talented Application Security and Secure-SDLC Expert to be a part of our team. As an Application Security Expert, you will take an active role in security development lifecycle activities and penetration testing that will help evaluate our customers’ security level and improve it. A typical job could be breaking into a critical system of a Fortune 500 organization, analyzing the Secure-SDLC security gaps in a large department in a huge enterprise, and reverse engineering an application and encryption method in order to gain access to sensitive data.
Responsibilities
- Manage, evaluate, and improve the application security development lifecycle of our clients.
- Identify, communicate, and drive the resolution of vulnerabilities.
- Research and advocate for new application security solutions and technologies.
- Continue to drive security evaluation earlier in the cycles through iterative security testing.
- Operate as an incident responder for triage pertaining to web-based vulnerabilities.
- Ensure customers’ security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts.
- Improve secure coding practices, application security requirements, automation, training, and metrics.
Qualifications
- 3+ years of experience in Application Security Secure-SDLC practices, standards, methodologies, and software team escorting; including standards such as Microsoft SDL, OWASP SAMM, and OWASP ASVS.
- Experienced with threat analysis processes.
- Deep understanding of OWASP Top 10 and CWE 25; with a proven track record and experience in implementing and integrating remediation strategies.
- Familiarity with a wide range of high-level programming languages (Java, JS, Python, etc.) and related secure Software Development Life Cycle (SDLC) activities.
- Significant advantage: hands-on experience in application penetration testing.
- Significant Advantage: Managerial experience.
- Advantage: Proven experience in high-level code auditing.
- Advantage: experience in CI\CD and CI\CD security.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
6
0
0
Category:
AppSec Jobs
Tags: Application security Audits Automation Encryption Java OWASP Pentesting Python Reverse engineering SaaS SAMM SDLC Vulnerabilities
Region:
Middle East
Country:
Israel
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs