Role: Security Testing Lead / AVP
Location: New York/Alpharetta/London (Day 1 Onsite/Hybrid), Full-time
Mode of Work: 3 days/week onsite required
Your required skills: 8-12 Years Required
Rate: Open (Keep it Competitive)
Visas: USC, GC, GC-EAD, H4-EAD, OPT EAD
Role:
Attend sprint and refinement sessions assigned to the squad and lead testing efforts.
Stay updated with the latest security methodologies, technologies, and best practices.
Enforce security policies and procedures in security tooling.
Gather information on upcoming features and changes.
Support Dev teams with any security controls implementation questions or any other security-related questions.
Lead information gathering for the team members who are performing the security testing, and resolve any blockers so that testing is completed before production deployment.
Perform peer review of the security testing and assessments to ensure that security testing coverage and test cases are sufficient and that remediation is achieved.
Support integration of security practices into development processes and CI/CD pipelines.
Track any security bugs resulting from the release testing and assist developers during the remediation process.
Ensure documentation is up to date.
Qualifications
Must Have:
Bachelor's degree in Engineering
8 years of experience in Product & Solution Security and risk management
Strong programming, debugging, and scripting skills. Can use scripting/coding techniques proficiently, execute common penetration testing tools, triage and support incidents, and produce high-value findings.
Manual web application testing experience, i.e. must be able to simulate a SQL injection/cross-site scripting attack without the use of tools
Knowledge of network and Web-related protocols/technologies (e.g. UNIX/Linux, TCP/IP, cookies)
Experience with vulnerability assessment tools and penetration testing techniques
Experience with CI/CD pipelines with integrated security
Nice to Have:
Security certifications such as CISA, CISM, or CISSP are a plus
Technical familiarity in areas related to general information security; security engineering; application architecture; authentication and security protocols; application session management; common communication protocols; single sign-on technologies; RESTful web services
Full Time