Application SecurityMetro Manila (Posted On: 5th Mar 2019)
Key Skills :
In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
Solid knowledge of browser and mobile platforms security model, crypto, and network security. Familiarity with security tools such as static analysis, runtime analysis, black-box/white-box testing, DAST, SAST and IAST
Working knowledge of Software Development Life Cycle, .NET Frameworks, IIS, DevOps, automation testing and software development.
Attacker mindset, and the passion to instill it into other engineers. Knowledgeable about tactics, techniques, and procedures used for software security exploitation. Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications.
Highly motivated, able to define a vision and lead its execution, driven to overcome obstacles. Excellent communication and executive presentation skills. Ability to clearly articulate specifications and best practices for application security.
Background experience of Security and Performance Monitoring tools such as SolarWinds, Dynatrace and Tenable.
General knowledge of Firewall, F5, Windows Servers, WAF, Proxy services, Databases and Cloud Services.
Adequate management and communication skills to ensure effective coordination with teams and clients.
Security Analyst, System Security - Engineer
IT/ Computers - Software
The Application Security Professional is responsible for the strategic, technical, and operational direction of the Global Information Security Office, serving as a subject matter expert for the application and its services.