Application Security Job Description
Application security
provides training and expertise to various teams on specific relevant topics (example OWASP Top 10 2017).
Application Security Duties & Responsibilities
To write an effective application security job description, begin by listing detailed duties, responsibilities and expectations. We have included application security job description templates that you can modify and use.
Sample responsibilities for this position include:
Govern the SSAP program across CCB covering static, dynamic, open source, mobile scanning, and binary scanning efforts
Participate in requirements definition and perform initial risk analysis to define a minimum standard of security for each application
Work with project teams to prioritize security milestones
As an integral part of this dynamic and progressive team, you will assist in the enforcement of corporate-wide information security policies, guidelines and best practices
Directly manages the Application Security Team
Responsible for the alignment of overall security governance with IT architecture governance and project and portfolio management (PMO)
Evaluates, develop and implement secure solutions, based on approved enterprise security architectures
Lead security architect reviews, reviews
Ensure changes do not create or introduce security gaps
You will participate in and lead a range of application security activities from Business-as-usual (BAU) application security assessments to organizational changing project enhancements
Application Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Application Security
List any licenses or certifications required by the position: CISSP, GWAPT, OSCP, CEH, CISM, GIAC, CISA, GSSP, CRISC, OSWE
Education for Application Security
Typically a job would require a certain level of education.
Employers hiring for the application security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Information Systems, Information Security, Education, Technical, Computer Engineering, Information Technology, Business, Cyber Security
Skills for Application Security
Desired skills for application security include:
OWASP
Principles
Python
Azure
OWASP Top 10
AWS
ISO
Mobile
Java
Web
Desired experience for application security includes:
Working knowledge of development languages
Comfortable with championing a project and communicating with multiple teams
Experience with Wireshark, Firebug, or other request inspection / manipulation tools
Expert knowledge of HTTP request construction and manipulation
Intimacy with database platform security (SQL / NoSQL)
Proven skills with security applications and comfort with Microsoft, nix and iOS platforms Relevant industry-accepted security certifications (SANS, ) a plus
Application Security Examples
1
Application Security Job Description
Job Description Example
Our growing company is looking for an application security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for application security
- Govern the program across the line of business covering static, dynamic, open source, mobile scanning, and binary scanning efforts
- You will lead the design, implementation, operation, and maintenance of the Information Secure Code Development including many aspects, for example, certification to various standards ISO/IEC 27001, PCI, HIPPA, GDPR
- Collaborate with other IRM teams and professionals including the VP Operational Risk Management, the Divisional Information Risk Officer and Audit Services
- Contribute and shape divisional and global IRM projects and initiatives
- SAP and SFDC Security Administration
- Defines and develops security test strategies for small-medium projects
- May lead a small team
- Work Closely with developers and project teams
- Complete risk and secure code reviews + security threat modelling
- Establish a strong partnership with application development teams to understand business needs and develop appropriate application security controls
Qualifications for application security
- Proficiency with HTML, JavaScript, Java, Spring MVC, and Structured query languages
- Experience in applying TDD principles to security
- Experience with identity management platforms and applying authentication/authorisation protocols like SAML and OAuth to REST services
- Proven experience as a technical architect through all tiers (network, storage, backup, server, middleware and web/application) with the ability to understand security best practices and implications across all tiers
- CISSP and/or CSSLP required
- Eight plus years of combined IT and security work experience including infrastructure, systems, vulnerability testing, audit, or secure application software development
2
Application Security Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of application security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for application security
- Assist code reviews and open source software evaluations
- Empower delivery team resources by promoting application security awareness and standards through training, hackerthons, mentoring and vulnerability demos
- Definition and enforcement of application security policies
- Perform manual assessments of applications, both dynamically and statically, produce reports, open tickets in Engineering work tracking systems
- Operate and maintain application security tools, such as static application security testing (SAST) and dynamic application security testing (DAST) tools
- Develop tools and scripts to enhance and automate Client's security systems and processes
- Enhance and deliver application security training to Client engineers
- Troubleshoot any operational issues engage product support as needed
- Communicates and contributes to security standards and policies
- Interfaces with internal and external contributing organizations
Qualifications for application security
- Experience with Web services and App servers, Apache, Tomcat, jBoss, WebSphere
- Related Security Certification(CISSP )
- Micro-service/Service-Oriented Architectures (SOA)
- Reactive and Isomorphic Web Applications
- Node.js, Scala, Java, Perl or .NET Programming
- Hands on experience with Static Code Analysis tools
3
Application Security Job Description
Job Description Example
Our innovative and growing company is hiring for an application security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for application security
- Providing development, infrastructure and data source administration services for security processes and applications across the enterprise with a focus on SaaS to ease the adoption from the business units
- Data lake development and engineering to establish and maintain an accounting and inventory of all identities, applications, systems, data sources and network elements across the enterprise including the access provisioned
- Assisting with proof-of-concept implementations to test and assess off-the-shelf and home-grown technologies established within the enterprise to address compliance with SOX, PCI, HIPPA and internal corporate policy
- Supporting and consulting with other infrastructure and development teams to assist the business units with implementing sound and secure SDLC practices along with coding, data engineering and security services integration / automation
- Ten or more years of combined experience in IT, application development and support, and cyber security with highly scalable online transactional systems
- Specific experience in managing access to critical systems and automation of provisioning processes and application development at large and complex Fortune 100 Company
- Strong communication and presentation skills along with the ability to handle multiple priorities and high stress situations
- Assist and drive the expanding Global Application Security program
- Partner with Tech Leads and Quality Leads to provide risk mitigation suggestions with clear and detailed information
- Work effectively as a leader in this space to function as a technical liaison between development teams and external security consultant
Qualifications for application security
- Must be willing to work in our DTH facility full-time
- A university degree or a bachelor in information technology
- At least 3 years of experience in Application Support (ITIL)
- Fluent in English, optionally know French and/or Dutch
- Professional certifications or designations in software development and/or architectural frameworks, IT security, IT auditing, or risk analysis a plus, but not a requirement
- Demonstrable and detailed understanding of cryptography, network security, operating systems, and application security
4
Application Security Job Description
Job Description Example
Our innovative and growing company is hiring for an application security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for application security
- Be able to partner with teams such as web & mobile application developers, vendors, analysts, and business clients
- Participate in projects as a functional security resource
- Manages Information Security staff in identifying, developing, implementing and maintaining information security processes across the organization to reduce risks, respond to incidents and limit exposure to liability to ensure reduced financial loss to the organization
- Develops and implements secure code practices program which includes threat modeling and automated application scanning
- Implements tools and strategies to ensure the successful implementation of the Application Security Program
- Collaborates with clients and Client Management to establish client confidence in FIS’s information security program
- Serve as Application Security Lead
- Implement security coding techniques
- Conduct application penetration and review
- Provide education and awareness
Qualifications for application security
- Work experience in application security or penetration testing
- Unlimited paid vacation days
- Requires Bachelor’s degree in Computer Science or Computer Engineering or equivalent experience
- Have a basic understanding of common software vulnerabilities / application security concepts
- A strong passion for application security and ready to adapt and learn new tools and concepts at a very fast pace
- Sound understanding of application security concepts, testing methodologies, risk rating and awareness of the current industry standards in this area
5
Application Security Job Description
Job Description Example
Our growing company is looking to fill the role of application security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for application security
- Provide guidance for internal software development
- Provide guidance on security best practices and compliance
- Identify threats and build security protection within the design of SIE’s products and services
- Perform hands on guidance during the SDLC to proactively discover risk and track them to resolution
- Perform threat analysis and define the requirement to mitigate a risk based on the threat
- Leading includes ensuring effective communication with other engineers, consultants and leadership in order to provide the above and other duties that might be required as a team
- Perform periodic vulnerability assessments, security audits and provide reports to management for review and corrective action
- Maintain, develop, and review new and existing application related security metrics
- Design, develop and improve the Key Performance Indicators (KPI’s) that lead to firm wide reporting of the ""IT Security Posture""
- Track security vulnerabilities and follow up with responsible teams for remediation and closure of identified vulnerabilities
Qualifications for application security
- Demonstrable ability to read, understand, and correctly explain source code in at least three languages chosen from the set {C, Java, Python, Scala, Clojure, Javascript, Ruby}
- Familiarity with Rugged DevOps best practices
- Proficient knowledge and in-depth understanding of how business and technical processes integrate
- Experience with PCI, HIPAA and PII related regulatory requirements
- BS or MS degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent technology experience
- Well-rounded background in application, network and host security