application Security Consultant

Description

abra is hiring application Security Consultant

• Provide end-to-end support for technological projects in terms of application security, from the initiation phase to production, including the development of security policies.
• Write guidance documents for development teams within the organization to ensure secure development practices, address security vulnerabilities and gaps in application security in both development and production environments, and implement technological security solutions in application domains.
• Participate in the design of secure architecture in accordance with company policies.
• Identify security gaps at the application layer and define required controls.
• Monitor and ensure compliance with the cyber risk management requirements of the insurance regulator, company procedures, and security guidelines for the various business and technology units.
• Support application security audits, write scoping documents, validate findings, and oversee the implementation of solutions to address security exposures.
• Write requirement documents for security products and innovative technologies.

Requirements

• Full proficiency in the fields of Application Security and secure development methodologies.
• Experience working with development teams and infrastructure.
• Practical experience in API Management and API Security, such as APIGEE, DataPower, etc.
• In-depth familiarity with cloud technologies and cloud-native applications, with a focus on Containers, Kubernetes (K8), Serverless, and similar environments.
• Practical experience with CI/CD systems and processes, GIT tools, and Repos for code and version management, as well as implementing IAC (Infrastructure as Code).
• Practical experience with implementing security tools in the worlds of CWPP, SAST, DAST, OSS, etc.
• In-depth familiarity with OWASP TOP10.
• Proven knowledge in Mobile Security.
• Experience working with Threat Modeling.