SOC Monitoring Security Tools

October 31

Apply Now
Logo of GSB Solutions

GSB Solutions

tecnología • reclutamiento • capacitación • software • soporte técnico

201 - 500

Description

• Generation of threat modeling analysis, security requirements and abuse cases for all developments carried out in ADC. • Analyze changes to existing software looking for security risks that can be implemented in the coding process. • Identify vulnerabilities in the source code and in the runtime application. • Determine and advise on the recommended security controls required to remediate findings and issues in an efficient and concise manner. • Generate awareness campaigns to all stakeholders of the software process. • Help developers to use secure coding practices, as well as resolve specific doubts about vulnerabilities identified in the different testing scenarios. • Align security solutions to Holcim methodologies and standards. • Design, implement, and support the security model for general security solutions. • Develop and drive the implementation of security best practices and standards. • Review requests for new systems or changes to existing systems and evaluate the impact to security. • Conduct pre-audits on security issues of concern, work with the user community on remediation; conduct spot checks of user security to ensure compliance. • Provide technical Support for security issues related to in-scope applications, infrastructure as code, and cloud services. • Provide support to other colleagues in terms of technical/functional expertise with the assigned business processes. • Expert in Vulnerability Management tools like Qualys or Nessus.

Requirements

• Bachelor’s degree in Computer Science, Engineering, or related discipline with an IT focus. • Certifications: CISSP, CISM, CISA, CRISC ITIL, CMMI, ISO 27001, GSEC, CSSLP. • Ethical Hacking certifications desired. • Secure coding certifications desired. • At least 4 years of experience in IT Security and development, delivering applications with a secure focus, assessments and audits. • Experience in fullstack development, object-oriented programming, microservices oriented architecture, with knowledge in agile methodologies and DevOps model. • Experience coordinating and completing multiple tasks within established and changing deadlines. • Excellent organizational, analytical, and independent problem solving skills. • Demonstrated excellent oral and written communication skills necessary to interact effectively with colleagues and with users of varying technological skill levels. • Strong customer / end-user / client service orientation. • Thrives working in a highly collaborative and team environment. • Highly self-motivated and directed. • Ability to provide 24/7 support to respond to critical incidents or business impacting project deliverables. • Keen attention to detail. • Capability for problem solving, decision making, sound judgment, assertiveness. • Ability to deal with difficult situations, unclear priorities and blocking stakeholders. • Ability to work decisively under heavy workload considering the criticality, urgency and extended work hours required to ensure availability of the service in accordance with service level commitments. • Ability to manage multi-cultural and multi-located teams. • Lead by example on values and culture. • A natural leader whose personality and communication skills instill a sense of credibility and trust. • Able to coherently explain the proposed design and gain stakeholder buy-in to the proposed solution. • Cost conscious and keeps a big picture perspective. • Required skills: Authentication and Access Control Tools, Management and Administration, Application Security Architecture & Cloud Computing Concepts, Change & Security Configuration Audit and Control, Encryption Processes, Management and Administration, Experience in static and dynamic security testing (code review, vulnerability analysis, Ethical Hacking), Knowledge in offensive security methodologies (OWASP, MASVS, OPENSAMM, CKC, etc). Knowledge in tools such as OwaspZap, Burpsuite, Nessus, Service Manager, Git, Fortify, Codacy, Sonarqube. • Desired skills: Knowledge in AWS cloud security. • English required (written & spoken) • Spanish required (written & spoken)

Apply Now

Similar Jobs

May 8

SupportYourApp

1001 - 5000

Provides technical support for cybersecurity in a multilingual environment.

🇨🇴 Colombia – Remote

💰 Venture Round on 2017-10

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Security Engineer

Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com