About the opportunity
You will be a key contributor to our DevSecOps program and overall application security initiatives at Ellucian. You will be working with a team of humble, experienced and skilled security professionals helping them solve some challenges created by modern-day application security problems.
You will get to learn some of the latest technologies and enjoy creative independence to bring your ideas to life in an open and collaborative team environment.
Where you will make an impact
Analyze security posture of Ellucian applications and coding practices using a variety of tools and frameworks and contribute towards its continuous improvement.
Perform manual and tool-based application penetration testing.
Provide guidance to development teams for remediating application security vulnerabilities.
Develop innovative new DevSecOps solutions to application security problems.
Act as an evangelist for DevSecOps and application security within Ellucian.
Lead ongoing process and policy improvement efforts.
Conduct research on trending product security, zero-day threats and cybersecurity risks and provide recommendations to protect against such risks.
Perform threat modeling on new products, features and functionalities and provide secure design recommendations.
What you will bring
3 to 6 years of experience working as Application Security engineer or similar position.
A strong passion for application security.
Thorough knowledge of SAST, DAST, SCA tooling.
Extensive skills and experience performing manual and scripted penetration testing using manual and automated tools.
Bachelors+ degree in Computer Science, IT or similar engineering or equivalent professional experience.
Demonstrated ability to clearly communicate complex ideas verbally and in writing.
Demonstrated technical skills, especially in the areas of application security, cloud security and secure development practices.
A thorough understanding of OWASP application security tools, code libraries and documentation.
Experience in vulnerability assessment, false positive analysis and risk-rating analysis of product security bugs.
Experience developing automated solutions to application security problems.
Excellent troubleshooting, problem solving, and analytical skills.
Ability to occasionally work off-hours or extended hours in support of various projects.
Desired Skills / Knowledge / Experience :
Knowledge or experience of DevOps tooling such as Jenkins is a plus.
Understanding of WAF, IAST & RASP.
Understanding of containers, virtualization and orchestration tools.
Experience securing Cloud applications in AWS.
Application security certification such as CSSLP, GIAC GWAPT or similar.
Experience remediating application vulnerabilities.
AWS knowledge and / or certifications is an advantage.
What makes #Ellucianlife
22 days annual leave plus 11 public holidays
Competitive gratuity policy
Group insurance and Annual health checkup plan with a variety of family and wellness benefits.
Thrive Flex Program that allows you to contribute towards your health, financial or learning interests
5 charitable days to support the community that supports us
Diversity and inclusion programs that promote employee resource groups such as : Buzzinga and Lean In Team to name a few.
Employee referral bonuses to encourage the addition of great new people to the team
We Foster a learning culture with :
Education Assistance Program
Professional development opportunities