Project Description
Luxoft DXC Technology Company is an established company focusing on consulting and implementation of complex projects in the financial industry. At the interface between technology and business, we convince with our know-how, well-founded methodology and pleasure in success. As a reliable partner to our renowned customers, we support them in planning, designing and implementing the desired innovations. Together with the customer, we deliver top performance!
For one of our Client in the Insurance Segment, we are searching for an Application Security Analyst.
Responsibilities
- Develop functional and non-functional security requirements, including delivering secure applications and services, that strike a balance of product usability.
- Partner with the company's Product, Software Engineering, DevOps, and IT teams. Perform application security risk assessments, automate security testing, and guide development teams on secure coding practices.
- Deliver security products and consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CI/CD pipelines.
- Help new team members acclimate to job role and responsibilities and act as an escalation for any issues not resolved by less senior Application Security Analysts
- Foster and enable a secure by default culture.
Skills
Must have
- Have development background and be well versed in Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) platforms.
- Have intimate knowledge of leveraging CI/CD pipeline to automate testing.
- Minimum of 3 years of experience in software development and implementing security into SDLC processes.
- Additional 2 years relevant architecture experience with expert level knowledge of application systems design and integration.
- Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security. Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, SCA).
- Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10 or CWE Top 25, including secure code remediation.
- Bachelor's Degree, preferably in a technical field such as computer science
Nice to have
.
Languages
English: C1 Advanced
Seniority
Senior
Relocation package
If needed, we can help you with relocation process.
Vacancy Specialization
Application Security
Ref Number
VR-94692
