Center of Excellence Consulting &Software Development in DHL IT Services
Membership in small highly motivatedinternational expert team working with large global software developmentorganization (1000+ people) building world-class quality software solutions forDP DHL.
Contribution to enterprise level global projectsapplying modern software development practices, tools and standards with astrong focus on IT Security
Experience of multicultural and state of the-artwork environment.
Close collaboration within integrateddevelopment and support team (DevOps) and with development teams working inagile mode, external vendors and business partners around the world on DPDHLstrategic projects
Consult on Security questions based onarchitecture and helping to find solutions to fix or avoid security issues
Provide hands-on expertise and guidance to oursoftware development teams
Contribute to the provisioning of securityfocused development tools and processes in the Secure Software DevelopmentLifecycle (S-SDLC), e.
g.in DevSecOps delivery mode
Provide consultancy and inspire others inadopting security best practices, tools and standards; steering the developmentprocess, peer reviews and knowledge sharing for technical and non-technicalaudience.
Be a Quality leader, who inspires others todevelop high quality secure software.
WEARE LOOKING FOR
Excellent knowledge about ITSecurity Processes, technical standards, security tools and theirimplementation, security threats, Security Testing and Controls / Standards e.
g.SAST, DAST, Pentest and OWASP; ISO / IEC27001, GDPR.
Solidexperience in Software Development (S-SDLC), Hands-on experience in SAST, DASTand penetration testing, this includes
oCloud enviroments, Openshift platform, Continuous Integration &Continuous Delivery
oSecure development practices in Java, MS technologies, SaaS-basedapplications etc
oLinux (Scripting), Microfocus Fortify
osecurity / vulnerabilties handling, categorization
Proficient insecurity risk analysis (threat and vulnerability assessment) on products andsupporting information systems.
Eager tointroduce innovations and improvements in security practices.
Trainer andcoach for security best practices, tools and standards adoption.
Sound knowledgeof Web.App Security, Data Encryption, Vulnerability Assessment
SecurityCertification likeGIAC family, CISSP,CISM, CISA, CEH, TOGAF, CompTIASecurity+ or similar
Excellent presentation and communication skillsin English language