We seek out curious minds! We value attention to detail! And we care deeply about outcomes!
We re looking for passionate people, who are eager to learn, willing to share, and establishing innovative ways of working and influencing cultural changes
-
Bachelor or masters in Computer Science, Engineering, or related field would be preferred
-
4 to 8+ years of relevant experience as Application Security / Secure Coding Specialist
-
Proficiency in at least one major programming language: Java, C#, Python, JavaScript, Go etc.
-
Strong understanding and knowledge of Application Secrets Management (Detect & Remediate)
-
In-depth knowledge of common application security vulnerabilities: OWASP Top 10, SANS Top 25 and their mitigation controls & strategies
-
Working experience with SAST (Static Application Security Testing) tools such as: CheckmarxOne and SCA (Software Composition Analysis)
-
Knowledge in setting up & operating Cloud infrastructure using IaC; familiarities with containers and security automation in CI/CD pipelines
-
Good understanding of monolithic & microservices application architecture and knowledge of common web application frameworks
-
Good to have relevant industry certifications: CSSLP, CISSP, OSCP, CompTIA Security+ etc.
-
Proven ability to prioritise workload, meet deadlines, and utilise time effectively
-
A team player with excellent interpersonal, communication and negotiation skills
-
Knowledge of Agile frameworks: SAFe, Scrum, Kanban is an added advantage
Responsibilities
As a Secure Coding Specialist with our Application Security team, you will work on the following activities:
Governance & Process
-
Contribute towards development, continuous enhancement and enforcement of secure coding standards, guidelines, and policies
-
Setup effective processes and procedures for secure code reviews and remediations of identified vulnerabilities
-
Raise awareness on secure coding best practices among developers & application owners across organization
Code Scanning & Review
-
Onboarding of Airbus Critical applications into Airbus DevOps CI/CD to ensure automated code scanning and be able to conduct manual code reviews when required
-
Be able to conduct code reviews in context of SAST, SCA, IaC, Artifactory for web & mobile apps
-
Identify security vulnerabilities, design flaws, and insecure coding practices through the review
-
Analyze the identified vulnerabilities for true positive and false positives, accordingly propose remediations to the development teams (fine-tuning tool s detection capabilities in case of FP)
-
Provide recommendations, support and guidance to the developers to prioritize remediations
Collaboration and Documentation:
-
Connect & collaborate with Application Security Product Manager/Owners to ensure alignment of strategies & roadmap
-
Work closely with other Security & IT teams across organization: Security architects, Application developers, DevOps engineers and Business stakeholders
-
Provide technical support in the areas of application vulnerability, risk assessment, and security control implementation and always produce detailed and effective documentations
Continuous Learning and Development:
-
Participate in Security threat and monitoring forums to learn and keep abreast of the latest security trends, threats, and vulnerabilities, continually building knowledge in the cyber threat landscapes and good practices
-
Participate in workshops, training, certifications & security conferences to enhance skills in Cyber Security
Benefits
-
You will be part of a truly international team
-
Travel opportunities (domestic and international)
-
Competitive remuneration, bonus and incentives
-
Good work / life balance and career growth opportunities
-
Training and development opportunities (online, classroom, conferences)
-
Comprehensive benefits package (complementary health and life insurance)
Success Metrics
Success will be measured in a variety of areas, including but not limited to
-
Consistently ensure the on-time delivery and quality (first-time-right) of the projects
-
Bring innovative cost effective solutions
-
Achieve customer satisfaction
