Serves as a technical SME for LogicMonitor's application security testing practice
Implement and manage application security testing tools, evaluate results, and recommend mitigations
Conduct threat modeling of applications and recommend mitigations
Evaluate evolving product specifications for security risk and develop solutions
Advocate for application security best practices across the global software development teams, and develop documentation/training as appropriate
Implement application security frameworks and report on security health of LM's software
What You'll Need:
6+ years experience with Software Automation Testing security
Intimate knowledge of the OWASP Top 10 / CWE Top 25 software vulnerabilities and how to address using defensive coding
Experience with modern development frameworks and languages (Java/Python)-
Familiarity with application security analysis methodologies such as SAST, DAST, and SCA
Background in SaaS delivery model, and threats specific to SaaS applications
Familiarity with application security maturity frameworks such as OWASP SAMM and/or BSIMM
Nice to Have
Ability to review source code change and make corresponding test strategy
Good at seeing / identifying edge cases
Automation mind set. Understanding when and where we can automate will help to improve fault tolerance and scalability moving forward.
Development (especially network programming) experience would be great
AWS (or other cloud) Experience
Familiar with Atlassian Suite (JIRA, Confluence, Bamboo, BitBucket)
Familiar with java unit testing frameworks (junit, mockito, wiremock
--
You must verify your mobile number to apply to this job.