Maersk - Secure Code Specialist - Information Security (8-12 yrs) Bangalore (DevOps)
Maersk
Bangalore, India
4d ago
source : hirist.com

Job Purpose Summary :

Be the secure code specialist across Maersk sitting with PSE organisation. As we are embarking to in-house our software development we have found the need for a person that is the go to person in relation to code vulnerabilities.

Your responsibility will be to drive secure coding standards using the standard Maersk tools. You will start by joining a Security Assessment and Remediation team to provide secure code SMEs inputs to develop and mature an application and security assessment framework.

  • Accountable for reviewing and triaging security vulnerabilities reports, support the application teams to : (i) understand results;
  • ii) implement the right remediation solution to address the identified vulnerabilities and (iii) challenge and validate remediation timelines and effort estimates provided by the application teams.

    Key responsibilities :

  • Execute triage of SAST (Static Analysis) identified vulnerabilities
  • Support the Product teams to understand the vulnerabilities identified on their applications
  • Provide remediation guidance and validate remediation plans and estimates
  • Pro-actively analyse current processes and practises, suggesting and driving improvements to test coverage, execution and automation
  • Drive Secure code practices across Product Groups
  • Is result oriented and has a high degree of accountability, commitment and responsibility.
  • Responsible for propagating - Secure by Design- principles for Code Secure for any new Platform or Application being planned in the Technology eco-system Primary
  • Internal Stakeholders"

  • Project Managers, Product Owners
  • Cyber Security Solution Architect, Product Architect
  • Enterprise Architecture team
  • Cyber Security Test team
  • Primary external Stakeholders :

  • 3rd party vendors
  • Product suppliers and vendors
  • Required experience & Skills :

  • A degree in Computer Science, Information Management or another related area
  • Minimum 5 to 7 year's experience of information security in a global and similar size business
  • Advanced knowledge of Secure Software Development principles and Life Cycle
  • Knowledge and experience with remediating OWASP Top 10 Vulnerabilities
  • Knowledge of secure best practices across multiple languages : C, C++, C#, Java, Java Script
  • Knowledge of secure best practices in Scala, and Swift, Python, PHP is advantage
  • Previous experience with Coverity and Blackduck is an advantage
  • Good understanding of CI / CD principle
  • Ability to work with teams and clearly articulate technical concepts over conference calls.
  • Actively pursuing continuous learning to constantly update skills and keep abreast of current developments in the industry
  • Ability to strategize and look ahead at the big picture
  • Experience of Threat Modelling is beneficial
  • Excels at stakeholder management, communication and able to build credibility and demonstrate the value of writing code securely
  • Security related certifications (CISSP, CISM, CISA, Ethical Hacking) desirable
  • Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form