Product Security Architect OWASP Top 10, Threat Modelling, SAST, DAST, MAST

Job Summary:

The Product Security Team ensures security by design product engineering and architecture.  In this role as a Senior Security Engineer you will conduct security assessments for products and solutions. You will collaborate with various cross functional teams and help to create define and implement security controls and security tooling in conjunction with internal product development and Devops teams.

Responsibilities

• Evaluate security postures and provide recommendations for improvement and risk reduction for Mobile Platforms(IOS/Android) AI Systems Internet of Things.
• Support engineering and development teams in implementing maintaining and troubleshooting application security tooling automation for SAST DAST MAST (iOS and Android) OSS API etc.
• Implement security modules tools and code snippets when needed.
• Participate in deep dive architectural discussions of new or existing applications software and services.
• Apply cryptographic primitives and protocols for authentication authorization and data protection.
• Recommend and manage transmission protection requirements for all environments (e.g. systems applications containers) such as VPC peering best practices SSL certificate management RSA key pairs etc.
• Continually evaluate new threats and attacks specific to Mobile Platforms IoT and AI Systems to identify the impact on business and help to develop and implement appropriate security controls.

MUST HAVE SKILLS:

• Bachelors degree in Computer Science or related fields
• Eight or more years of relevant work experience.
• Experience with mobile application security testing mobile code analysis vulnerabilities evaluation and remediation.
• Experience with performing security requirements analyses to secure deployment of large IoT mobile and/or AI systems.
• Experience with Secure SDLC including use of obfuscation techniques Reverse Engineering and Tamper Resistant software development.
• Experience with OWASP Top 10 vulnerabilities and Cryptographic Algorithms: PKI X.509 Public Key Certificates authentication protocols and transport layer security OID OAuth SAML.
• Understanding of various types of Exploits Threat Modeling and Attack surfaces

DESIRED SKILLS:

• Development experience in Swift Java Scala Python C/C or other languages and the ability to solve complex operational issues.
• Mobile or IoT application development experience is highly desirable
• Experience with IT Security Frameworks such as NIST ISO27001 PCI DSS FedRAMP
• One or more of the following certifications: Certified Ethical Hacker Python Institute Certifications C Institute Certifications Mobile Application Penetration Tester (eMAPT) ISC2 Certified Information Systems Security Professional (CISSP) or other Security Certification

Regards

Mohammed ilyas

PH - or Text - or You can share the updated resume at com

Additional Information :

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Contract