This job is fully remote.
Responsibilities
Serve as a subject matter expert for Application Security, testing, remediation, and validation processes.
Provide guidance to Engineering and applicable teams on web application security
Design and lead the implementation of SDLC practices, including code reviews, static/dynamic code analysis, and application-based vulnerability assessments, to enhance the security of our applications.
Maintain awareness of known vulnerabilities in application technologies used within Schoox.com and lead research into suspected application vulnerabilities in our in-house applications (Schoox.com)
Lead efforts around secure development training for our engineers and technology team
Work as a partner within the development organization to promote and advocate for secure code development
Job Requirements:
Prior experience securing large-scale web/mobile applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws and coding security issues.
Familiarity with dynamic and static application security tools
The ability to effectively partner and communicate with Engineering and Product teams
Thorough understanding of the main web application threats and vulnerabilities, aligned to industry-standard expectations: SANS, OWASP
2 or more years of hands-on technical application security and/or development experience with the following technologies:
Experience assessing Node.js, PHP, Linux, React, iOS/Android, infrastructure as code
Strong communication skills working with technical and non-technical functions to enhance the application security of our product offerings
Nice to Have:
· OSCP or other hands-on technical application security certifications and skillsets
· Bachelor's degree or higher in a related field of computer science
This is a remote position.