Image Secure Colombia I Vacante de gerente regional en seguridad de aplicaciones ;
Regional Application Security Manager (Colombia)
Image Icon Colombia · Colombia
Category Administrative
Requisiton 1057

Regional Application Security Manager

What We’re Looking for ⬇️


Requirements:

  • Engineer in Electronics, Telcos, Systems, or similar.
  • Master's degree in Security, Information Security, or Cybersecurity.
  • PCI, ISO27000, ISO20000.
  • 3+ years in application security.
  • 5+ years in application development and/or Cybersecurity.
  • CEH, OSCP, CISSP (Non-mandatory).
  • Advanced English proficiency (B2 – C1).
  • Communicate at many corporate levels to ensure security concepts are translated into effective technical and business decisions.
  • Approach Application Security from the perspective of risk management.
  • Knowledge of Waterfall and agile development practices.
  • Familiarity with: C/C++, JavaScript, Python, C#, Angular, Typescript, and most common programming languages.
  • Knowledge of frontend and backend architectures.
  • Familiarity with development tools like Eclipse, GIT, GCC, JIRA, Subversion, etc.
  • Familiarity with testing tools like Acunetix, Veracode, Jenkins, AppSpider, Kiuwan, Sonarqube.
  • Knowledge of the OWASP Top 10, WASC TCv2, and CWE 25 and be able to communicate those needs to any audience.

Responsibilities:

  • Integrate security tools, standards, and processes into the product lifecycle.
  • Contribute to the training of developers and QA personnel on secure software development.
  • Deploy and maintain application security testing tools (DAST/SAST).
  • Support incident response and architecture review processes whenever application security expertise is needed.
  • Develop, enhance and maintain secure development policies, standards, and guidelines.
  • Support development teams in the security development process.
  • Evaluate third-party software and its development activities for compliance with Teleperformance security standards.
  • Integrate threat modeling practices into the product lifecycle and define security requirements based on the risk profile of applications.
  • Produce metrics for the application security program.
  • Review software applications for potential security vulnerabilities by performing application security reviews.
  • Perform code reviews in multiple programming languages.
  • Recommend security controls to mitigate application vulnerabilities.
  • Perform incident analysis to identify unidentified vulnerabilities and propose countermeasures.
  • Document vulnerabilities and work on vulnerability mitigation.
  • Identify points of improvement in the existing SDLC.
  • Recommend security enhancements to the SDLC.