Lead development of the existing web portal to meet new requirements from security engineers, project managers, users, and stakeholders.
Ensure that the security portal meets the needs of the security team while they perform reviews, as well as development teams and project managers who will consume the results of the reviews.
Oversee deployment and maintenance of the portal into an on-premise cloud infrastructure.
Serve as a bridge between the multiple security teams across the globe, ensuring that requirements of all teams are met.
Integrate a variety of DevSecOps tools output with our Global Security Lab portal using the DevSecOps Tools native APIs to help automate security team processes and tasks.
Bachelor’s degree in Computer Science, Computer Engineering, or related field.
5+ years relevant experience; or master’s degree.
3+ years relevant experience; or equivalent experience 3+ years software development experience with Java, Python and PHP web applications.
3+ years’ experience in secure software development and software security testing.
Experience with PHP development Familiarity with ThinkPHP or similar development framework.
Strong written and verbal communication skills - this role requires communicating with stake holders, users, project managers, and security engineers, as well as communicating with diverse and global teams.
Familiarity with Atlassian APIs for Jira and Confluence for importing existing datasets.
Familiarity with a wide range of security testing tools.
Extensive knowledge of software security vulnerability mitigation & remediation techniques.
Strong understanding of general secure development practices: code review, static analysis, dynamic analysis, and tools for SAST, DAST, IAST, Threat Modeling, etc.
Extensive knowledge of OWASP security practices and tools.
Familiarity with a variety of DevSecOps tools Testing Automation Experience.
Extensive experience with CVSS, CVE, CWSS, CWE software vulnerability and software weakness scoring.
Experienced with Agile development methodology, processes and tools.