Job Summary:

• Working closely with engineering teams to promote secure code development throughout the development process
• Working closely with GDP DevSecOps coach to deploy DevSecOps best practices 
• Act as a local security expert/referent for all topics related to application security
• Reviewing security tools and application penetration test findings with the application owner and collaborate in efforts to eliminate or remediate risks associated with those findings
• Contributing to selection of DevSecOps security tools, and coordinate their deployment per engineering teams
• Promoting use of security tools through awareness/ training sessions to engineering teams
• Consolidating and monitor application security dashboard
• Liaise with relevant teams to put security KPIs at the target, in accordance with engineering process
• Contribute to development of local security guild, and more globally to improvement of IDEMIA DevSecOps security practices
• Estimate, prioritize, plan, and coordinate security testing activities
• Collaborate with the development engineers and provide mitigation recommendations

Skills on Resume:

• Application Security Expertise (Hard Skills)
• DevSecOps Implementation (Hard Skills)
• Collaboration with Engineering Teams (Soft Skills)
• Security Tool Evaluation and Deployment (Hard Skills)
• Security Training and Awareness (Soft Skills)
• Security Testing Coordination (Hard Skills)
• Dashboard Management (Hard Skills)
• Leadership and Collaboration (Soft Skills)

Job Summary:

• Security testing and code review to improve software security
• Test and implement software security techniques in reference to architecture.
• Troubleshoot and debug issues as and when they arise.
• Working with engineering teams, handling reviews in regards to software solutions to help mitigate security issues
• Contribute to all levels of the architecture, handling Threat models
• Consult team members in regard to coding
• Identify and mitigate external threats to the organisation and employees
• Develop a familiarity with new tools and best practices
• Evolve, drive and execute a comprehensive strategy for Application Security at EXFO.
• Develop and implement application security controls and formulate effective risk mitigations along with assisting in security awareness programs.
• Conduct risk and vulnerability assessment at the system and application level.
• Provide security subject matter expertise including product design/usability implications.
• Meet with application and product teams to discuss vulnerability remediation.
• Provide timely and detailed reports, with proofs of findings, analysis of risk, and remediation advice and instructions.
• Help in creating Application Security policy standards and guidelines

Skills on Resume:

• Security Testing & Code Review (Hard Skills)
• Software Security Implementation (Hard Skills)
• Troubleshooting & Debugging (Hard Skills)
• Team Collaboration (Soft Skills)
• Threat Modeling (Hard Skills)
• Consulting & Mentorship (Soft Skills)
• Threat Identification & Mitigation (Hard Skills)
• Adaptability & Learning (Soft Skills)

Job Summary:

• Identify risks and areas of exposure in applications, development process, and architecture, and communicate them
• Collaborate with engineering teams to build a plan to address them
• Perform security reviews of source code, server/service configurations, and provide feedback to development and DevOps teams
• Improve Secure SDLC delivery
• Work closely with InfoSec and AppSec teams to manage both internal security policies and penetration tests.
• Help develop relevant application security training for the RnD teams
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standard and ensuring software security.
• Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement
• Ensuring software stack utilized incorporates security-by-design and follows industry best practices.
• Perform security penetration tests (both application and infrastructure for Web and mobile applications)
• Perform security design reviews and threat modeling
• Manage and enhance application security tools (Static Code Analysis, Open Source vulnerabilities tools, Dynamic Application Security tools, etc)
• Develop in-house application security automation tools
• Analyze, validate and verify potential threats and vulnerabilities

Skills on Resume:

• Risk Assessment (Soft Skills)
• Code Review (Hard Skills)
• Secure SDLC (Hard Skills)
• Collaboration (Soft Skills)
• Training Development (Hard Skills)
• Business Process Understanding (Soft Skills)
• Security Implementation (Hard Skills)
• Testing and Automation (Hard Skills)