Software security specialist

İş Təsviri

Innovation and Digital Development Agency

Description

Implementing security measures throughout the software development process (DevSecOps approach) and promoting secure coding practices by working closely with programmers;
Analyze results using static and dynamic analysis tools (SAST, DAST, SCA) to conduct code analysis and identify security vulnerabilities;
Integrate CI/CD Pipeline security scanners and create automated test environments;
Identifying OWASP Top 10 vulnerabilities, developing appropriate strategies to prevent them, and providing preventive measures in applications against these vulnerabilities;
Make corrections and recommendations based on pentest results, assess security risks and take measures to minimize them;
Automate security tools and processes, create scripts and automated rules for security monitoring;
Respond to security incidents, analyze incidents to identify vulnerabilities in systems, and take measures to prevent future incidents;
Research and implement new security technologies and methodologies and develop a DevSecOps culture within the organization.
Requirements

At least 1 year of work experience in cybersecurity or a related field;
Experience with CI/CD tools (GitHub Actions, GitLab CI/CD, Jenkins, etc.);
Knowledge of Kubernetes and container security;
Experience in detecting and exploiting web application vulnerabilities;
Experience with one or more programming languages ​​such as Python, Bash, PowerShell, C, C++, Java, or Go;
Experience in developing web applications (including APIs) or microservices;
Preference is given to those with OSCP, CDP or similar certifications.
About the vacancy

Vacancy type – Full-time
Experience – 1-2 years
Education – Bachelor’s degree