Application Security Specialist

Job Category: Technology & IT
Job Type: Permanent
Job Location: Dublin

KEY RESPONSIBILITIES:

  • Work with a team of Product DevOps/SecOps Engineers to architect and secure AWS applications.
  • Ensure compliance and security of public cloud properties.
  • Create secure design patterns and libraries for cloud applications in areas such as data protection, key management, authentication, and authorization.
  • Develops standards, policies and procedures best practices documentation.
  • Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.
  • Work closely with application developers and system administrators to deliver secure solutions to complex technology challenges and business requirements.
  • Shares lessons learned, initial indicators of detection and opportunities for strengthening systems and applications to management.
  • Collects information from a wide variety of sources, and aggregates the data relevant to the Hertz security environment.
  • Act as a security liaison and present security architecture along with Application Teams in periodic Architecture Review Board meetings.

REQUIREMENTS

  • Bachelor degree in Computer Science, MIS, or related field.
  • 5+ years of Information Security experience required, preferably in a global Fortune 500 corporation.
  • Knowledge of OWASP top 10 and able to identify vulnerabilities and possible exploits. Provide remediation guidance.
  • Strong experience with Amazon EKS – Amazon Kubernetes Service
  • Strong understanding of modern deployment tools like Jenkins, Git, Docker
  • Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments
  • Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.
  • Experience in testing web-based APIs (i.e., REST, SOAP, XML, JSON) and AWS Serverless applications.
  • Application or system hardening, Security Testing / Penetration Testing, Fuzzing, Cloud security.
  • Hands-on experience performing threat modeling, including STRIDE and PASTA methodologies
  • Familiarity with MITRE ATT&CK Enterprise Matrix and MITRE D3FEND
  • Excellent written and oral communication skills in English
  • Well versed in a variety of development languages, protocols, code repositories, and application security testing platforms.
  • Certifications desired: AWS Cloud Practitioner, Certified Information Systems Security Professional, (CISSP) Certified Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC Certified Intrusion Analyst, Global Information Assurance Certification, Forensics certifications.

Apply for this position

Allowed Type(s): .pdf, .doc, .docx
Scroll to Top