- Collect and analyze results of AppSec testing from across the organization. You will manage various formats of AppSec data using SharePoint, Excel and other tools.
- Create visuals with PowerBI and Excel to identify trends and issues. You are happy processing large volumes of data.
- Generate monthly reports based on your analysis of data.
- Explain OWASP Top Ten to people outside of AppSec teams.
- Research application security issues and trends.
- Learn about our security tools and assist with their configuration.
- Review features of new tools and assess their functionality and effectiveness.
- Share the results of your work. You may present to small groups covering techniques that you developed, AppSec trends, tool configuration, etc.
- Document processes and procedures so that others can apply the same techniques and benefit from your work.
- You may be called upon to automate data feeds and processes using scripting languages.
- You will communicate with AppSec teams across the organization and beyond. You will apply your skills in negotiation and persuasion to gather and communicate information.
This is the job for you because:
- You are interested in a future career in Application Security. You want to help make applications more secure.
- You have a security mindset. You are always on the lookout for software security weaknesses.
- You’ve got basic programming know-how with one or more structured programming languages like C#, Java and C++. Some experience with databases and SQL will be helpful.
- You know the OWASP Top Ten inside and out.
- You have experience with a security testing tool.
- You have experience with a scripting language like Bash, PowerShell or other interpreted languages like Python and Perl. You are always looking to automate processes with scripting and macros.
- You’ve got PC skills with tools like Word, Excel, PowerPoint, Visio and Access.
- You’re an enthusiastic team player with good communication skills in person, on the phone, in email and by IM.
- You are always learning something new. You stay on top of developments and events in the security world.