
Job Title: Applications Security Specialist
Working Section: Applications Development
Number of FTEs: 1

Overall Roles & Responsibilities:


The Applications Security Specialist is responsible for supporting the applications team through the security development lifecycle by developing best practices, performing scans, managing escalations, designing and implementing security measures, providing supporting documentation, and driving security-related capabilities and tooling. The role's responsibilities include installing security software, conducting regular security audits, preparing security status reports, educating users on computer security, creating security documentation for users, assisting in disaster recovery and gathering evidence regarding cybercrime.

Job Description:

Review, manage, analyze, and fix all security vulnerabilities on the Web and Mobile Applications and servers
Upgrade security measures
Work closely with the Security Operations Center (SOC) to identify and fix any applications security incidents
Utilize the current Security Information and Event Management System (SIEM) to tackle and fix any detected security issues on all computer applications
Work closely with, and report functionally to, the IT Security and Disaster Recovery team to maintain the integrity of the applications security, availability and disaster recovery plans
Patching and firmware updates and upgrades for optimum security protection
Serve as expert responsible for tracking, remediating and preparing action plans regarding security concerns
Maintain security roadmaps on security state and top risks across products
Try to break our systems and APIs to ensure that no one else can
Perform internal scans, evaluate third party scans, and analyze results
Conduct security reviews of application architectures to assess technical and business risk, identify threats and vulnerabilities, and propose solutions
Analyze and replicate attacks using advanced industry tools
Participate in software design process to identify threat models, perform design and code reviews
Work hands-on to improve and extend our security frameworks
Understand and evangelize industry best practices, drive internal awareness sessions and workshops
Keep up to date on latest attack trends and methods, particularly those concerning mobile and web applications
Develop test plans for security verification and assist development teams with security testing methodologies and tools
Work closely with the IT Infrastructure team to apply Web Applications Firewall policies

Required Skill:

Education and Experience:

Bachelor's degree in a computer-related field
Minimum 3 years work experience in software, and application security, architecture and design
Minimum 2 years of experience in applications development
Understanding of security concepts of Internet technologies, architectures, and protocols: browsers, cookies, web servers, proxies, firewalls, sockets, TCP/IP, SSL, PKI, X.509, SAML, and OAuth
Proven understanding of Cryptography and Java Security APIs
Proficiency in Enterprise Java application architectures and broad knowledge of security-related OSS libraries, such as Spring Security
In-depth and hands-on experience with application servers and web service standards and technologies (REST / JAX-RS, SOAP)
Understanding of static code analysis tools such as Fortify
Experience with securing iOS or Android apps
Experience with Web Applications Firewall (WAF)