Job Description
We are seeking a skilled Senior Officer - Application Security with a strong background in application security and a deep understanding of vulnerability assessments and penetration testing reports. The ideal candidate will be responsible for ensuring the security of applications and systems by identifying, assessing, and addressing potential vulnerabilities. This role requires the ability to collaborate with development teams, understand technical security issues, and implement remediation strategies to enhance the security posture of the organization.
- Conduct security assessments and reviews for applications across the company’s tech stack.
- Identify security flaws in applications through manual and automated testing, including code review.
- Work with development teams to implement secure coding practices and ensure a secure software development lifecycle (SDLC).
- Oversee vulnerability scanning and remediation processes, ensuring vulnerabilities are addressed in a timely manner.
- Review and analyze reports from vulnerability assessments and penetration tests, providing actionable insights to stakeholders.
- Coordinate with IT and development teams to prioritize and mitigate discovered vulnerabilities based on risk levels.
- Coordinate and manage third-party penetration testing activities, ensuring proper scope, scheduling, and follow-up on findings.
- Understand the results of penetration testing and communicate them effectively to both technical and non-technical audiences.
- Develop and oversee action plans for addressing penetration testing findings and vulnerabilities.
- Participate in security incident investigations, especially those involving application security vulnerabilities.
- Provide technical expertise in identifying root causes of security incidents and recommend corrective actions.
- Ensure compliance with relevant security standards and frameworks (e.g., OWASP, NIST, ISO 27001).
- Stay up to date with the latest threats, vulnerabilities, and technology trends in application security.