Vacancy caducado!
- Define and drive security certifications for ignio SaaS products and Infrastructure
- Determine industry certifications and drive processes, teams to achieve the same and keep current
- Determine future security requirements from certifications
- Security Deployment Strategy – Work with infrastructure teams for infra security and hardening, network security
- Security Operations Center – Set up and run a Security Operations center covering Threat Intelligence, incident monitoring and response
- Conduct Research on security technologies, trends, protocols, certifications and develop roadmap
- Conduct security trainings for development, pre sales and professional services teams
- Support Market development teams for customer interactions on product security topics
- Support deployment teams with security architecture specifications
- Overall a minimum of 7 years of total relevant Software/IT experience with security technologies
- Should be able to write scripts to automate activities during the product development lifecycle and enable DevSecOps.
- At least 3 years as a system architect for complex systems and at least 2 years of software security experience as a security architect, with good knowledge of threat modelling process.
- An understanding of Security Architecture frameworks such as SABSA, TOGAF (latest version with Security and Risk Integrated), NIST CSF and others
- Strong familiarity with OWASP TOP 10 vulnerabilities for web applications, SANS 25 and CWEs
- Familiarity with OWASP TOP 10 vulnerabilities for Mobile applications
- Strong background in Security Operations – Infra , network, application , physical, information
- Knowledge of security testing process and tools for SAST, DAST, CVC, Tech Stack scan, Host and Network PT. Awareness about IAST and RASP is nice to have.
- Advantage: At least 1-2 years’ experience with container technology and cloud technology and associated security and working in agile. Exposure to Mobile security is preferable.
- Advantage: Conducting penetration tests using manual and automatic testing methodologies
- Knowledge of SIEM and usage of OSS SIEM analysis tools for threat analysis and hunting and awareness of OSINT
- Knowledge of IDS, IPS, WAF, EDR and defense in depth technical strategies
- Great Communication and leadership skills – (Ability to communicate with a Developer, a Manager or Director and Customers)
- Security Policies Governance – Writing policy, standard and guideline documentations. Familiarity with ISO27001/34/GDPR, PCI DSS, PA DSS, SOX
- Strong DevOps/DevSecOps/Agile/Project Management Skills
- Very good English – Writing, and communications skill
- Relevant Industry standard certifications such as CISSP, CISM, CEH,CPTE, GSEC and others are desirable.
Vacancy caducado!