Application Security Specialist - Monterrey

at  IBM

Introduction
In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology
Your Role and Responsibilities
The successful candidate will perform application security assessments, code reviews, and Software Development Life Cycle (SDLC) security consulting in a customer environment. The candidate will be responsible for identifying specific and systemic security issues within applications and the application development and lifecycle maintenance process, and will also be a resource for the client in establishing and expanding the base of client knowledge in the area of application security.

Projects may include:

• Executing SAST, DAST, IAST testing
• Performing application Threat Modeling using STRIDE, Attack Trees, PASTA or VAST
• Establishing DevSecOps and “Secure by Design” processes
• Performing application security risk assessments
• Creating gap analysis and client improvement program recommendation

Required Technical and Professional Expertise

• Good experience in Cybersecurity, specialized in Application Security or secure development.
• Knowledge in common application code review methods and standards
• Knowledge in application development and coding in modern languages
• Knowledge in OWASP tools and methodologies
• Knowledge in standard Software Development Life Cycle (SDLC) practices
• Experience in Application Security
• Experience in IT and / or software development
• Nice to have to be certified in CISSP, CEH, and/or CSSLP
• Fluency in English

Preferred Technical and Professional Expertise

• Microsoft Azure certification.
• GCP certification

Please refer the Job description for details