Application Security Engineer | Dqb-726
Responder al anuncioWhat You’ll Do:The Application Security integrates and supports security at every phase of the software development lifecycle (SDLC) and works closely with developers to ensure applications are secure from inception through release. Given Teradata’s large portfolio of analytic applications, we are pushing the boundaries of security by automating source code analysis and analytic security. Our expertise lies in a deep technical understanding of security and our application security engineers within Teradata. The Application Security team is tasked with enabling software developers to build secure applications and products through automating security (Shifting Left). Who You’ll Work With:The Application Security team is an integral part of Teradata Information Security and closely partners with and guides Product Engineering. The Application Security team works with several teams such as CloudOps, DevOps, and our Engineering teams. What Makes You a Qualified Candidate:Proficient in 1 or more of the following areas:- An understanding of languages such as Java, C/C++, Go, Python, and JavaScript/Typescript and how to apply security measures to these code languages. - Provide vulnerability remediation guidance and mentoring to product development software engineers. - Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements. - Serve as the security subject matter expert around Application Security topics, processes, and tools. - Partner with Product Engineering to improve security and quality within the SDLC. - Integrate SAST, SCA, DAST, IaC, and Container scanning into CI/CD pipelines. - Interpret SAST, SCA, DAST, IaC, and Container scanning analysis tool results, and describe issues and fixes to non-security experts. - Identify and automate security processes and practices. What You’ll Bring:Knowledgeable in 1 or more of the following areas:- Understanding of languages such as Java, C/C++, Go, Python, and JavaScript/Typescript and can apply security measures to secure them. - Ability to communicate effectively with business representatives in explaining security topics clearly and, where necessary, in layman's terms. - General understanding of SAST, SCA, DAST, IaC, and Container analysis tools. - Ability to interpret SAST, SCA, DAST, IaC, and Container analysis results, and describe issues and fixes to non-security experts. - An understanding of web application and API vulnerabilities. - Familiarity with one or more cloud environments such as AWS, Azure, and/or Google Cloud. - Ability to automate tasks and integrations via APIs using Python, Bash, or Go. - An understanding of one or more programming languages such as Java, C/C++, JavaScript/Typescript, Go, Python, etc. - An understanding of HTTP and SSL/TLS protocols, and web applications. - An understanding of CI/CD processes and tools. Education Background:Knowledge of core application security principles, common security vulnerability classes, their root causes, and mitigations. MS/BS degree in Electrical Engineering, Computer Science, Information Technology, or related field. Advanced degree highly preferred. #J-18808-Ljbffr
¡Sea el primero en responder a este anuncio de trabajo!
-
¿Por qué está buscando trabajo en Trabajas.es?
Crear alerta de empleo
Cada día nuevos anuncios de trabajo Puede elegir entre una amplia gama de trabajos: nuestro objetivo es ofrecer una selección lo más amplia posible Déjenos enviar nuevos anuncios por correo electrónico Sea el primero en responder a las nuevas ofertas de empleo Todos los anuncios de trabajos en un único lugar (de empleadores, agencias y otros portales) Todos los servicios para demandantes de empleo son gratuitos Le ayudaremos a encontrar un nuevo empleo