Remote Senior Officer - Application Security (Remote)

Description:

• We are seeking a skilled Senior Officer - Application Security with a strong background in application security and a deep understanding of vulnerability assessments and penetration testing reports.
• The ideal candidate will be responsible for ensuring the security of applications and systems by identifying, assessing, and addressing potential vulnerabilities.
• This role requires the ability to collaborate with development teams, understand technical security issues, and implement remediation strategies to enhance the security posture of the organization.
• Responsibilities include conducting security assessments and reviews for applications across the company’s tech stack.
• The candidate will identify security flaws in applications through manual and automated testing, including code review.
• They will work with development teams to implement secure coding practices and ensure a secure software development lifecycle (SDLC).
• The role involves overseeing vulnerability scanning and remediation processes, ensuring vulnerabilities are addressed in a timely manner.
• The candidate will review and analyze reports from vulnerability assessments and penetration tests, providing actionable insights to stakeholders.
• Coordination with IT and development teams to prioritize and mitigate discovered vulnerabilities based on risk levels is essential.
• The candidate will coordinate and manage third-party penetration testing activities, ensuring proper scope, scheduling, and follow-up on findings.
• They must understand the results of penetration testing and communicate them effectively to both technical and non-technical audiences.
• Developing and overseeing action plans for addressing penetration testing findings and vulnerabilities is a key responsibility.
• Participation in security incident investigations, especially those involving application security vulnerabilities, is required.
• The candidate will provide technical expertise in identifying root causes of security incidents and recommend corrective actions.
• Ensuring compliance with relevant security standards and frameworks (e.g., OWASP, NIST, ISO 27001) is necessary.
• Staying up to date with the latest threats, vulnerabilities, and technology trends in application security is expected.

Requirements:

• A Bachelor’s degree in information security, Computer Science, or a related field is required.
• The candidate must have 3+ years of experience in information security, with a focus on application security and vulnerability management.
• Strong knowledge of OWASP Top 10 and other relevant security frameworks and best practices is essential.
• Experience with vulnerability scanning tools and penetration testing methodologies is required.
• The candidate must have an understanding of secure coding practices and common software vulnerabilities.
• Experience analyzing and interpreting penetration testing and vulnerability assessment reports is necessary.
• Security certifications such as CEH, eCPPT, or OSCP are a plus.
• Strong skills and knowledge in tools such as Burp Suite and Nessus are required.
• The candidate must possess strong communication skills with the ability to explain complex security issues to a variety of audiences.

Benefits:

• The position offers the opportunity to work remotely, providing flexibility in the work environment.
• The role allows for professional growth and development in the field of application security.
• The candidate will have the chance to collaborate with various teams and enhance their technical expertise.
• The organization supports continuous learning and staying updated with the latest security trends and technologies.
• Competitive compensation and benefits package will be provided, although specific details are not mentioned.