Desired Skills and Experience
- What does this look like? Every day we ask our customers and ourselves:
- How would an application get hacked or abused?
- How will we work with developers to fix vulnerabilities and risks?
- What do developers and business need to know about building secure software?
- What security testing can we automate?
- Rare ability to understand, relate to and share the feelings of developers.
- Tertiary education in an Information Technology, Computer Science, Information Security, or related discipline
- Ability to provide knowledge to clients at a technical level
- Knowledge of Information Security
- Strong knowledge of common vulnerabilities such as OWASP Top 10 and SANS Top 25
- General IT knowledge of enterprise environments
- Strong enterprise development skills in either Java or C#
- Medium knowledge of development build tools (e.g. Ant, Maven, TFS) and source control systems (e.g. SVN, Git, Mercurial, TFS)
- Strong experience with Web Technologies (e.g. HTML, JavaScript, AJAX, REST, Web services etc)
- Exposure to Ethical Hacking and Penetration Testing and experience with remediating issues
- Experience with Source Code Security Tools such as HP Fortify, IBM AppScan source edition, Veracode and Checkmarx
- Auto scaling and automation experience within AWS environment
- Hands-on with one or more of these: Puppet, Vagrant, Ansible, Chef…