Home / Jobs / Application Security Specialist

Application Security Specialist

Industry: Finance / Job Expires: / Location: Gauteng

Share job:

Main purpose of the Job

  • Play a key role in securing all software built and/or used by the company.
    Work with application development teams as well as 3rd party organizations to ensure that security, privacy, and compliance constraints are built into the applications.
    Help develop tools and scripts to enhance the security processes and systems.
    Drive security initiatives from brainstorming session to deployment.
    Drive security automation in a SecDevOps type role.

Minimum Education

  • Bachelor/Masters in Business, Computer Science, Information Security, or a related field
    Relevant certifications are a plus (e.g., OSCP, OSCE, OSEE, CISSP, CISM, CEH, and CSSLP )

Minimum Experience

  •  5+ years of work experience as source code reviewer or code analyser
     5+ years of security or DevOps, in an Application Risk Analysis role (true SecDevOps experience will be a plus)
     Experience with Infrastructure As Code - Terraform.
     Experience with MS SQL, Nginx, HAProxy.
     Experience with CI/CD platforms such as Jenkins.
     Experience with Version Control systems - Git.
     Experience with Configuration Management Systems - SaltStack, Puppet, chef etc.
     Experience with maintaining and running large scale web apps.
     Experience with Micro-Services - container technologies, docker, lxc.

Critical Competencies

  • A sound understanding of defence in depth principles and how it relates to a large organisation or financial institution.
     Technical knowledge of security platforms
     Knowledge and commercial experience with industry standard security
     Able to demonstrate a strong understanding of development practices
     Have knowledge of secure development practices and application deployment methodologies
     Previous experience with threat modelling
     Have a solid understanding of risk management processes and analysis
     Be able to demonstrate a solid understanding of disciplines in change control, security, performance monitoring, on-going administration and documentation
     Strong ability to interpret designs and strategies as it relate to platforms, and understand how this impacts both Information Technology and the Business.
     Previous experience working within an Agile environment, with an excellent understanding of the Agile practices

Behavioural Competencies

  •  Strong interpersonal skills, highly motivated, results oriented, excellent communication and presentation skills, and a strong team player.
     Ability to work well in a team
     Ability to work independently, and without direct supervision
     Ability to work well under pressure
     The ability to handle complexity and uncertainty in technical situations
     Ability to provide highly competent advice on a range of technical IT issues
     Excellent verbal and written skills, with the ability to communicate effectively at all levels

Technology Leadership

  • Provide accurate and detailed technical security consultation regarding platforms, applications, assisting with setting/influencing security direction, providing guidance and input. Must also act with a keen sense of responsibility and risk awareness.

Security Integrity

  • Using initiative to provide consultation, undertake research and develop, and set clear security direction for platforms and applications. Proactively develop and maintain security standards, operational frameworks, undertake programs of work, focussing on technical platform, applications, tools, self-service and documentation.

Operational Excellence

  • To ensure that the company maintains high performing, highly available, and highly secure platforms and applications across internally hosted and externally hosted environments. To help find the right balance between effective security, achieving the company’s risk appetite and cost effective solutions.

Service Excellence

  • Using Agile initiatives, support the solution delivery team to deliver customer value. To help build and work within self-empowered high performance teams which will deliver high quality value frequently.

Enabling 

  • Using your time, talent, and technologies to enable and empower the solutions delivery team. Identifying and building tools (self-service, automation) to help with continuous delivery, continuous development, and security based Devops (SecDevOps).

Governance

  • Undertake activities and tasks, mindful and compliant with all relevant governance, policies and procedures. Be a proactive supportive voice of the company’s risk community, helping with education, awareness, and compliance.

Please email CV to info@heitha.co.za or FAX 086 614 1097



Apply for this job