JOB DESCRIPTION:
Responsibilities
· Liaison with both technical and business stakeholders advising on our security standards and policies.
· Improve and maintain security services, focused on review efficiency, standards definition, and change management correctness.
· Maintain security posture through Azure security, application security, vulnerability management, penetration testing etc.
· Respond to security vulnerabilities and threat, manage the end-to-end detection and remediation processes, and escalate as required.
· Perform various security service functions including internal vulnerability scans, Azure security review, application security review, secure SDLC, application hardening validation and penetration testing activities.
· Document risk and mitigation controls, including policy/procedure updates.
· Participate in audits and assessments and provide support, as appropriate.
· Analyze established application security controls, secure SDLC initiatives and procedures and recommend improvements.
· Evaluate appropriate tools for supporting the application security and vulnerability management function.
· Participate in security on-call rotation.
What You Bring
· Expertise focused security administration
· Bachelor's Degree or equivalent experience/certification.
· Excellent verbal and written communication ability.
· Solid understanding of OWASP, S-SDLC, SAST, DAST, SCA processes.
· Working understanding of application security and vulnerability management.
· Experience working in a PCI DSS, SOC or HIPPA environment.
· Knowledge of all security domains is ideal.
· Java and JavaScript programming language experience is a plus
· Nice to have CISSP, CEH, OSCP, ECSA, GSEC / GCIH / GCIA, CCSP, CSSLP, RHCE or MCSE.
· Azure focus