Cyber Security Professional

Job Description

Job Description: Security Advocacy:Promote security best practices within development teams Act as the primary point of contact between the security team and development teams Ensure that security is considered and integrated at every stage of the SDLC Threat Modeling & Risk Assessment:Work with developers to identify potential security threats and vulnerabilities in applications Conduct risk assessments and prioritize remediation efforts Assist in developing threat models and security requirements for projects Secure Development Practices:Educate and mentor development teams on secure coding practices Review code and provide guidance on how to fix security issues Ensure that security tools (eg, static analysis, dynamic analysis) are integrated into the CI/CD pipeline Vulnerability Management:Assist in identifying, tracking, and remediating vulnerabilities in applications Collaborate with the security team to manage and respond to security incidents related to application security Monitor and report on the status of security issues within development projects Security Training & Awareness:Deliver security training sessions and workshops tailored to developers Stay updated on the latest security trends, threats, and technologies, and share this knowledge with the team Advocate for security-centric culture within the organization Collaboration & Communication:Work closely with security engineers, DevOps, QA, and other stakeholders to ensure alignment on security objectives Facilitate communication between teams to address security concerns effectively Participate in security reviews, audits, and compliance activities as needed Required Qualifications: Experience:Experience working with security teams or in a security-focused role is highly desirable Hands-on experience with secure coding practices, vulnerability management, and security tools Skills:Proficiency in at least one programming language (e g, Java, Strong understanding of common security threats (eg, OWASP Top Ten) and how to mitigate them Experience with security testing tools (eg, SAST, DAST, dependency scanning) Knowledge of DevSecOps practices and integrating security into CI/CD pipelines Familiarity with cloud security principles (AWS, Azure, GCP)