Application security

Description : *Job Description : looking to enhance their capabilities around application security and vulnerability management of their development lines located within the technology business areas.The BISO is looking for a handful of individuals that can help discover and manage the life-cycle of inherent risks within their legacy, custom apps, technical debt and external facing workloads.This technical resource for the BISO is responsible for creating a security and risk workstream by discovering technical vulnerabilities within in-house developed applications by partnering with the dev lines within their respective business area.This includes the actual code developed by analysts, dependencies such as open source libraries and container technology.The team analyzes in-house developed applications for known vulnerabilities (e.g., CVE-based vulnerabilities, CWE-based vulnerabilities and OWASP Top 10 vulnerabilities), prioritizes them, and works with the appropriate asset owner to determine if remediation, mitigation or risk acceptance is required and complies with appropriate timelines.This also includes providing tools to the dev teams need to shift out of fire-fighting mode and shift left to integrate security into the pipeline and dev lifecycle.This individual would assist in reducing backlog and also helping with tool evaluation and integrating the tools they do have within the pipelines. Required Skills :• Strong App Dev background No specific coding languages although mostly Java. Ability to understand git repositories, development code best practices, working knowledge within different development frameworks• Experience within application security• Firm grasp of OWASP top 10• Understanding of how to leverage application security best practices and tools to proactively identify and address application vulnerabilities and threats Roles & Responsibilities :• Understand container space - how to scan images - integrate into the IDE; Containers as it pertains to Prisma Twistlock• Hands-on development experience (boots on the ground) with an architectural viewpoint• Provide security expertise and support to the apps teams• Enable building security elements into the user stories• Sharepoint for documentation*Skills : *Application security, Vulnerability, Devsecops, Owasp, Kubernetes, Security architecture, Vulnerability management*Top Skills Details : *Application security,Vulnerability,Devsecops,Owasp,Kubernetes*Additional Skills & Qualifications : *Must have excellent written and oral communication and be able to work with a team to help teach, coach, mentor, etc.• Experience Level : *Expert Level About TEKsystems : We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity.We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change.That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.Last updated : 2024-08-21