Client Details: Our client is an international highly successful software development house with a niche focus in the telecommunications and payment gateway [URL Removed] 20 years of proven success and phenomenal growth, this client has an incredible training and mentorship program. Your colleagues will be Agile in approach, highly qualified and awesome [URL Removed] improvement is a way of life which is reflected in a flat organisational organogram where you are encouraged to participate, contribute and your opinion will be [URL Removed] person is encouraged to be themselves. For those that are ambitious, this is the best organisation to fast track your way up the career ladder. Those that enjoy routine are encouraged and supported to be subject matter experts.Role Responsibilities:
- Following security best practices in performing tasks.
- Participating in the SDLC process of existing and new applications and features.
- Assisting with the evolution of the organisation’s application security functions and services.
- Upholding code reviews across all code platforms.
- Providing leadership for application vulnerability scanning and penetration testing remediation.
- Discovering security exposures and developing mitigation plans.
- Reporting and fixing the technical debt.
- Functioning as a subject matter expert for security solutions within the organisation’s platform.
- Sharing knowledge of common and emerging security threats.
- Working closely with cross-functional teams while carrying out daily tasks.
- Relevant IT Degree
Relevant Skills / Experience:
- 4+ years’ Java experience
- Experience in the following:
- Docker | OpenSSL | OWASP ZAP / Burp Suite
- DefectDojo | Nessus / [URL Removed]
- The following would be an added advantage:
- Experience with CIS Benchmark documentation and implementation thereof.
- Experience with the PCI-DSS certification process.
- Java 8 certification | CompTIA Network+ | CompTIA Security+.
- Experience working in an Agile environment
- Knowledge of web related technologies (Servlet-based application or Spring-based applications).
- Good grasp on network protocols such as TCP, HTTP and HTTPS.
- Technical knowledge of secure coding best practices (e.g. CERT Oracle Secure Coding Standard).
- Basic knowledge about applied cryptography (i.e., encryption, hashing and signing algorithms).
- Ability to detect security vulnerabilities in code and provide methods to mitigate them.
- Knowledge of software design and implementation.
- Strong familiarity with web protocols.
- Thorough knowledge of Linux / Unix tools and architecture.
- Well-versed in application and infrastructure security.
- Remote work
- Application Security
Work Location / Type:
PS Even if you feel you don’t have all the skills listed or if this spec isn’t what you are looking for, feel free to send your CV as we probably have other opportunities that could interest you.For a more comprehensive and updated list of opportunities that we have on offer, do visit our website (www.parvana.co.uk).