Oglasi za posao Application Security Analyst
Oglas je preuzet sa sajta poslodavca i sajt HelloWorld ne garantuje njegovu ažurnost.

Application Security Analyst

Luxoft d.o.o.

Beograd

online intervju

02.11.2022.

Project Description

We are a team of Application Security enthusiasts who have been helping create secure applications for a huge telecom provider in Europe for over 15 years.

We know how to break apps and how to make them unbreakable.

Responsibilities

Development of security requirements at early stages of the product life cycle.

  • Preparation of test scenarios for an audit that are based on business requirements, technical documentation for a project and a list of affected systems.
  • Identification of defects and vulnerabilities in new and existing software products using the following methods:
    • Static code analysis (mainly Java and J2EE applications, iOS and Android mobile apps) using HPE-MicroFocus Fortify SCA;
    • Dynamic code analysis and scanning for vulnerabilities using Burp Suite and OWASP ZAP;
    • Manual penetration tests on software products deployed on a test environment.
  • Development of recommendations for software developers for addressing the security flaws identified.
  • Optimization and automation of the audit process.
  • Configuration (creation of new rules) of SAST and DAST tools.

Skills

Must have

  • Understanding of architecture and working principles of modern web applications.
  • English level: Intermediate.
  • Higher education in IT.
  • Strong knowledge of basic concepts of information security.
  • Strong knowledge of defect types (CWE/SANS Top 25 Most Dangerous Software Errors), vulnerabilities and information security risks in web and mobile applications (OWASP Top 10), as well as ways of detecting and mitigating them.
  • More than 2 years of working experience as Application Security Engineer or on a similar position (Penetration testing, etc.).
  • Strong knowledge of programming languages (Java) and scripting languages (Python, powershell, bash).

Nice to have

  • Relevant information security certifications: OSCP, CEH, OSWE.
  • Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc.
  • Knowledge of/experience with information security standards and frameworks: SAML, OAuth, WS-Security, X.509, SAML, JAAS, SSL/TLS, OpenSSO, OpenIAM, etc.
  • Experience in CTF or bug bounty programs.
  • Experience in web or mobile apps development.

Upoznaj kompaniju Luxoft

O Kompaniji Iskustva Poslovi Plate Beneficije Tech Stack

Luxoft, a DXC Technology Company, is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change.

Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44+ cities and 25+ countries with an international, agile workforce of 18,000+ people. It combines a unique blend of engineering excellence and deep industry expertise, helping 420+ global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications. 

Serbia is a growing international IT hub and a new market for Luxoft. As a key location for the company, Luxoft Serbia participates in a range of global projects for the world’s largest brands. We empower our clients with deep domain knowledge and smart solutions as we develop the software of the future across diverse areas of everyday life.

Opšti utisak i preporuka

4.9
73%

Menadžment kompanije

4.9

Beneficije

4.7

Balans karijere i privatnog života

4.8

Timska atmosfera

4.9

Zadovoljstvo projektima

4.8

Mogućnost napredovanja

4.8

Iskustvo o radu

Iskustvo · 11.08.2022

Senior Recruiter

Opšti utisak

5
Ne preporučuje
Trenutno zaposlen/a na neodređeno Manje od jedne godine
Pozitivno

Luxoft je velika internacionalna kompanija i stvarno imaju jako dobro razvijene procese. Tim je jako ljubazan i svi su spremni da podele znanje. S obzirom da svi uglavnom radimo od kuce, dobili smo i najmolderniju opremu za rad. Pored toga imaju i veliku e learning platformu gde bukvalno mozete sve da naucite. Velika prednost...

Zamerke

Trenutno nemam zamerki. Sve je bolje nego sto sam ocekivala

1

Prosečna neto plata

2500

Software Engineer 1 plata

MIN
2500
PROSEK
2500
MEDIJANA
2500
MAX
2500

Luxoft offers unlimited opportunities for professional and personal growth

Global Relocation

Internal Mobility

Work from Anywhere

Upskilling

Luxoft Training Center

Educational Programs for Current and Future Managers

BRIDGE Mentorship Program

English Language Lessons

Library for Self-Education

Recognition and Evaluation

Thomas DISC Assessment

Chapters

Workplace

Slični poslovi