Empresa:
act digital
Descrição da Função
Main Tasks:
• Support for the deployment of the code analysis and dependency solution o Participation in the implementation of SDLC processes
• Implement & perform security scans (SAST/SCA/DAST (WAS and assess/qualify vulnerabilities identified by different sources
• Collaborate with development teams to identify and mitigate security risks
o Collaborate with development teams to implement security measures to ensure application/code security
• You will participate in the implementation of security controls, the measurement of security process performance, and the associated reporting.
o Follow-up of remediation and compliance with due dates
• Participate in the animation of the AppSec community:
o Awareness
o Best practices
o Secure coding
Technical Skills:
• Familiarity with security tools and development technologies (Qualys Fortify, Nexus IQ, Kubernetes, etc.)
• Tooling and automating vulnerability management processes (Python scripting)
• Understanding security principles and best practices for code security
• Clear understanding of OWASP Top 10 - application security risks
• Knowledges of programming languages and front-end + backend development technologies (Java, Angular, REST APIs and others)
• At least 2 years of Experience in Information Technology Risk and Cyber Security field
• Certification (s): CISM, CISA, CRISK, CISSP, CRISC, CEH, CCSK, CCSP, ISO2700x, ISO31000 or EBIOS
Observações
Porto (Portugal)