Product Security Architect - OWASP Top 10, Threat Modelling, SAST, DAST, MAST

We work as trusted business partners and always strive to deliver the most value and highest return on investment for our clients. We are highly trained business professionals with strong understanding of clients need. We work closely with the leading staffing trade associations, training, and research organizations to ensure we are knowledgeable of the latest industry trends and technologies.

Job Description

Job Summary:

The Product Security Team ensures security by design product engineering and architecture. In this role as a Senior Security Engineer, you will conduct security assessments for products and solutions. You will collaborate with various cross functional teams and help to create, define, and implement security controls and security tooling in conjunction with internal product development and Devops teams.

Responsibilities

• Evaluate security postures and provide recommendations for improvement and risk reduction for Mobile Platforms(IOS/Android), AI Systems, Internet of Things.
• Support engineering and development teams in implementing, maintaining and troubleshooting application security tooling automation for SAST, DAST, MAST (iOS and Android), OSS, API, etc.,
• Implement security modules, tools, and code snippets when needed.
• Participate in deep dive architectural discussions of new or existing applications, software, and services.
• Apply cryptographic primitives and protocols for authentication, authorization and data protection.
• Recommend and manage transmission protection requirements for all environments (e.g., systems, applications, containers) such as VPC peering best practices, SSL certificate management, RSA key pairs, etc.
• Continually evaluate new threats and attacks specific to Mobile Platforms, IoT, and AI Systems to identify the impact on business and help to develop and implement appropriate security controls.

MUST HAVE SKILLS:

• Bachelor’s degree in Computer Science or related fields
• Eight or more years of relevant work experience.
• Experience with mobile application security testing, mobile code analysis, vulnerabilities evaluation and remediation.
• Experience with performing security requirements analyses to secure deployment of large IoT, mobile and/or AI systems.
• Experience with Secure SDLC including use of obfuscation techniques, Reverse Engineering and Tamper Resistant software development.
• Experience with OWASP Top 10 vulnerabilities and Cryptographic Algorithms: PKI, X.509 Public Key Certificates, authentication protocols, and transport layer security, OID, OAuth, SAML.
• Understanding of various types of Exploits, Threat Modeling, and Attack surfaces

DESIRED SKILLS:

• Development experience in Swift, Java, Scala, Python, C/C++ or other languages and the ability to solve complex operational issues.
• Mobile or IoT application development experience is highly desirable
• Experience with IT Security Frameworks such as NIST, ISO27001, PCI, DSS, FedRAMP
• One or more of the following certifications: Certified Ethical Hacker, Python Institute Certifications, C++ Institute Certifications, Mobile Application Penetration Tester (eMAPT), ISC2 Certified Information Systems Security Professional (CISSP), or other Security Certification

Regards,

Mohammed ilyas,

PH - 229-264-4024 or Text - 229-469-1455 or You can share the updated resume at Mohammed@vtekis. com

Additional Information

All your information will be kept confidential according to EEO guidelines.