Job Description:
Technical Skills / Experience / Certifications
• Experience in performing static and dynamic code reviews, SOC expert as well as manual dynamic testing to identify application vulnerabilities.
• Certifications: GIAC / GWAPT / GPEN / GXPN / OSCP / CISSP
Role Purpose
Responsible for ensuring the development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities.
Role Accountability
• Assist in strategic planning by providing input on capabilities and methodologies used for vulnerability management and security testing, and drive continuous improvements.
• Develop a vulnerability management framework; support compliance and risk management activities by recommending security controls and corrective actions to mitigate risks.
• Collaborate with the Security Operations team to develop tooling and instrumentation (including automation) to enhance detection and response capabilities.
• Design scenario-based thematic security testing to identify product vulnerabilities and gaps in detection and response mechanisms.
• Engage with developers to create workarounds and mitigation plans, ensuring implementation in accordance with policy.
• Manage security testing programs such as responsible disclosure and bug initiatives.
• Demonstrate experience in vulnerability assessments, penetration testing, red teaming, and blue teaming (application and/or infrastructure), and effectively communicate security issues to both technical and non-technical audiences.
• Provide expertise in security tools for vulnerability assessment, penetration testing, and application security.
• Perform vulnerability risk profiling and prioritize remediation efforts.
• Offer security architecture guidance in support of application development, infrastructure, and enterprise technology projects.
• Lead secure coding training and awareness initiatives for software developers and architects at IntelliSmart.