This job is fully remote.

Responsibilities

Serve as a subject matter expert for Application Security, testing, remediation, and validation processes.

Provide guidance to Engineering and applicable teams on web application security

Design and lead the implementation of SDLC practices including code reviews, static/dynamic code analysis and application based vulnerability assessments to enhance the security of our applications.

Maintain awareness of known vulnerabilities in application technologies used within Schoox.com and lead research into suspected application vulnerabilities on our in house applications: Schoox.com

Lead efforts around secure development training for our engineers technology team

Work as a partner within the development organization to promote and advocate for secure code development

Job Requirements:

Prior experience securing large-scale web/mobile applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws and coding security issues.

Familiarity with dynamic and static application security tools

The ability to effectively partner and communicate with Engineering and Product teams

Thorough understanding of the main Web Application Threats and Vulnerabilities aligned to industry standard expectations: SANS, OWASP,

2 or more years technical hands-on application security and/or development experience with the following technologies

Experience assessing Node.js, PHP, Linux, React, iOS/Android, infrastructure as code

Strong communication skills working with technical and non-technical functions to enhance the application security of our product offerings

Nice to Have:

· OSCP or other hands-on technical application security certifications and skillsets

· Bachelors Degree or higher in a related field of Computer science

This is a remote position.