We are currently seeking a Senior Application Security Developer to join our Information Security team.
Are you someone who enjoys collaborating with software developers, breaking code and building security tools to support our product team? If you have a development background with a passion for security and experience in cloud-first environments, then we want to talk to you.
What you'll be doing... Implement and integrate security solutions (e.g. SAST, DAST, OSS) into CI/CD workflows including Veracode, BlackDuck, and JFrog Xray.Whitebox testing to identify security vulnerabilities with a focus on OWASP Top 10 and SANS Top 25 issues.Remediate identified security vulnerabilities from ongoing vulnerability assessments and penetration tests, collaborate with the development organization as needed.Enhance application logging to provide more visibility into potential security issues.Perform threat model assessments with the Development organization using the STRIDE model.Red teaming exercises including the use of penetration testing techniques to conduct network and application assessments, conduct comprehensive testing activities using Metasploit, BurpSuite, and custom scripts/exploits, attempt data exfiltration using a variety of methods.Performing network infrastructure vulnerability and penetration tests.