818 Consulting

Աշխատանքի նկարագրություն՝

We are seeking a highly skilled and detail-oriented Application Security Tester to join our team. The Application Security Tester plays a crucial role in analyzing the security of both new and existing computer software, web applications, or specialized utility programs. This role involves identifying potential vulnerabilities and flaws in codes, providing actionable insights, and ensuring the implementation of robust security measures. The successful candidate will have a strong background in cybersecurity, software testing methodologies, and risk management.

/am/application-security-tester-for-isaa-2

Աշխատանքային պարտականություններ

• Develop secure software testing and validation procedures.
• Perform secure program testing, review, and assessment to identify potential flaws in codes and mitigate vulnerabilities.
• Address security implications in the software acceptance phase, including completion criteria, risk acceptance documentation, and methods of independent testing.
• Perform risk analysis whenever an application or system undergoes significant changes.
• Apply coding and testing standards, utilize security testing tools such as fuzzing and static-analysis code scanning tools, and conduct code reviews.
• Determine and document software patches or release extents that could leave software vulnerable.
• Identify security issues during steady-state operation and management of software, and incorporate necessary security measures for end-of-life products.
• Identify common coding flaws at a high level and consult with engineering staff to evaluate hardware-software interfaces.
• Continuously evaluate and improve security testing methodologies and procedures to adapt to evolving threats and technological advancements.
• Collaborate with cross-functional teams including software developers, system administrators, and project managers to ensure that security considerations are integrated throughout the software development lifecycle. Communicate security findings and recommendations effectively to technical and non-technical stakeholders.
• Maintain detailed documentation of security testing activities, including test plans, test cases, findings, and remediation recommendations. Prepare comprehensive reports summarizing security assessment results and present findings to relevant stakeholders.
• Ensure that security testing activities comply with relevant industry standards, regulatory requirements, and organizational policies. Stay abreast of emerging security standards and best practices, and integrate them into security testing processes as applicable.
• Conduct security assessments of third-party software components and vendor products to ensure they meet security requirements and do not introduce vulnerabilities into the organization's environment.
• Stay updated on emerging threats, vulnerabilities, and security trends by participating in industry forums, attending conferences, and engaging in independent research. Apply insights gained from research activities to enhance security testing practices and improve overall security posture.

Անհրաժեշտ հմտություններ

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field. Master's degree or relevant professional certifications (e.g., OSCP,CPTS,OSWA,OSWE) preferred.
• 3-5 years of experience in application security testing, software development, or related roles.
• Proven experience in performing security assessments and identifying vulnerabilities.
• Strong understanding of risk management processes and methodologies.
• Knowledge of cybersecurity and privacy principles.
• Understanding of computer networking concepts, protocols, and network security methodologies.
• Familiarity with laws, regulations, policies, and ethics related to cybersecurity and privacy.
• Experience with cybersecurity threats and vulnerabilities.
• Knowledge of operating systems and IT risk management policies.
• Proficiency in secure software deployment methodologies, tools, and practices.
• Familiarity with code analysis tools and secure configuration management techniques.
• Experience in designing and executing secure test plans.
• Ability to recognize system and application security threats and vulnerabilities.
• Strong analytical and problem-solving abilities.
• Excellent communication and interpersonal skills.
• Detail-oriented mindset with a focus on accuracy.
• Ability to work independently and collaboratively within a team environment.
• Strong commitment to continuous learning and staying updated with the latest trends in cybersecurity.

Պահանջվող թեկնածուի մակարդակը: Միջին մակարդակ

Լրացուցիչ տեղեկություն