AppSec Engineer
AppSec Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Responsibilities:
Collaborate with Payoneer Application Security team and aligning with PayoneerApplication and Product Security posture.
Review and approve secure architecture designs for developments and architectsboth for the product environment and 3rd party integrations considering bestpractices regulatory requirements and business objectives.
Provide technical guidance and expertise to internal teams in selecting andintegrating in-house solutions or third-party vendors.
Overall responsibility of the SSDLC of the organization and how security is integratedinto the products life cycle from the design stage into the development (choosingand implementing tools like SCA and SAST into the development pipeline anddefining policies managing the penetration testing policy and operations) andthroughout the production environment.
Assure Vulnerability Management processes are well implemented and enforced.
Serve as a subject matter expert on application security providing guidance andmentorship to other teams in the company.
Leading Cyber Security incidents handling in Production.
Assist the Payoneer global cyber operations team with aligning with Payoneer policiesand controls.
Requirements:
5 years experience in security architecture software development cloud security ora related field.
3 years in a leadership role.
Networking Knowledge: Understanding TCP/IP firewalls VPNs IDS/IPS and proxyservers.
Experience and in-depth understanding of CI/CD workflows and methodology
Strong knowledge of cloud computing platforms such as AWS Azure or GoogleCloud and their associated security services and features and deep understanding ofcloud security principles and industry best practices.
Multi-task skills: ability to work on multiple projects in parallel providing applicationsecurity support for different teams and initiatives in the company.
Excellent communication and collaboration skills with the ability to effectively conveycomplex security concepts to technical and non-technical stakeholders.
Excellent verbal and written English skills.
Good To Have:
Bachelors degree in Computer Science Information Security or a related field.
Professional security certifications (e.g. CISSP CISM CCSP OSCP) are highlydesirable.
Knowledge and experience with cloud security products such as Wiz Aqua etc.
Strong knowledge and experience with Kubernetes platform and services.
Experience in evaluating and selecting cloud security solutions from both in-house solutions and third-party vendors.
Experience/familiarity (hands-on) with security tools integrated into the CI/CD andproduction environments (SAST CSA DAST).
Experience in fintech or financial services industry
Familiarity with regulatory requirements and compliance standards in the financialindustry such as PCI DSS PSD2 and GDPR
#LI-PP1
#LI-Onsite
Employment Type
Full Time
