This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Application Security Analyst - Realex Payments

From OWASP
Jump to: navigation, search

Primary Accountabilities

Realex Payments is seeking an application security analyst to work in our Product Management team. This role will involve working closely with developers and projects teams to ensure that internal secure development processes are followed and applications produced by the process are free from common security vulnerabilities. The application security analyst will be responsible for carrying out several core deliverables in the development process including risk assessments, threat models and security code reviews.

The application security analyst would also be involved with internal penetration testing against Realex Payments infrastructure and applications as well as ensuring ongoing integrity and effectiveness of security measures including reviews of internal application security policies, procedures and controls.

The application security analyst would also be expected to attend and potentially speak at local application security group meetings as well as security conferences with other Realex Payments security staff.

Technical Background

A background in information security or application development is required. The ideal candidate would be a developer who has a good understanding of common vulnerabilities such as the OWASP Top Ten and a strong desire to move into a full time application security role. Experience of conducting security code reviews and testing would be an advantage but full training will be provided for the right candidate.

The candidate would need to have good analytical skills and the ability to communicate technical information in plain English as well as in detail to other developers and security staff. The ability to develop new security testing tools or extend existing security testing tools would also be beneficial.

Duties / Responsibilities

The candidate will be expected to have excellent technical skills, with preference given to candidate with working experience in the following:

1. Application security code reviews

2. Risk assessments and threat modeling

3. Application security testing

4. Development of secure web facing applications

5. Developing and presenting Application security awareness training

6. Perform periodic internal application security and compliance audits

7. Prepare reports presenting audit findings and recommendations

Qualifications

The following qualifications are a distinct advantage:

• CSSLP/GSSP/OSCP/CISA/CISM/CISSP

Apply to [email protected]. The position is required immediately.

Realex Payments

Castlecourt, Monkstown Farm, Monkstown, Co. Dublin, +353 1 280 8559