基本信息

国家
Filipíny
城市
远程地点
职位编号
40205
部门
Information Technology
雇主名字
MID_SENIOR_LEVEL
雇主名字
FULL_TIME
Workplace Type
Remote

描述和要求

The Security Analyst will be working on application security and will be responsible for ensuring the security of Infor applications. This involves performing code reviews, vulnerability assessments, penetration testing, and implementing best practices and standards. The application security engineer works closely with developers, testers, and managers to identify and remediate security risks, providing recommendations for improving the security posture of the applications.

What You Will Need?
Required skills:
  • Ability to communicate effectively and clearly with developers, testers, managers, and stakeholders on security issues and recommendations.
  • Experience in reviewing penetration testing and vulnerability assessments on applications using manual and automated methods.
  • Experience in performing code reviews and static/dynamic analysis using tools such as SonarQube, Veracode, etc.
  • With vast operational experience in various security tools such as SAST, DAST, etc
  • Proficient in using various web and mobile application security tools and frameworks, such as Burp Suite, ZAP, AppScan, etc.
  • Strong knowledge of web and mobile application security principles, standards, and best practices, such as OWASP Top 10, SANS Top 25, NIST, etc.
  • Experience in application security, preferably in a large and complex environment.
  • Experience working in global environment
  • Fundamental knowledge of SaaS/Cloud architecture (AWS)
  • Practical experience in development and secure development practices
  • Ability to document, explain, and summarize findings in a clear and concise manner.
  • Ability to partner with multiple teams for reviews, guidance, and planning.

What Will Put You Ahead?
Preferred Qualifications:
  • AWS Cloud Practioner
  • CSSLP - Certified Secure Software Lifecycle Professional
  • Experience in secure development processes
  • Experience working in high tech company

A Day in The Life Typically Includes:
  • Provide security training and awareness to developers, testers, and other staff involved in the web and mobile application lifecycle.
  • Research and stay updated on the latest security trends, threats, and technologies in the web and mobile application domain.
  • Monitor and report on the security status and metrics of the applications and provide regular feedback to management and stakeholders.
  • Develop and implement security policies, standards, and best practices for web and mobile application development and testing.
  • Provide remediation guidance and recommendations to developers and testers on how to fix security flaws and improve the security of the applications.
  • Review penetration testing and vulnerability assessments on Infor applications using various partners and techniques.
  • Perform code reviews and static/dynamic analysis to identify security vulnerabilities and issues in web and mobile applications.
  • Working on documentation for processes for utilizing security tooling
  • Partnering with the rest of security team on project initiatives to ensure understand impact to development and business.


关于Infor

Infor是面向特定行业市场的企业提供商业云软件产品的全球领导者。Infor在云中构建完整的行业套件,并有效地部署将用户体验放在首位的技术,利用数据科学,并轻松集成到现有系统中。全球超过60,000家组织依靠Infor来帮助克服市场中断并实现全业务范围的数字化转型。 
更多信息请访问www.infor.com 

我们的价值观

在 Infor,我们努力创造一个建立于基于原则的管理™ (PBM)™ 和八项指导原则的经营理念的环境:诚实正直、守护资源和遵守法规、力求转型、有原则的企业家精神、善用知识、谦虚为怀、尊重他人和实现自我。增加多样性对于反映我们的市场、客户、合作伙伴以及我们现在和未来所服务的社区是非常重要的。br>

我们对基于PBM的文化有着不懈的承诺。PBM™植根于使自由和开放社会蓬勃发展的原则,为个人创新,改进和转型做好准备,同时培养健康,不断增长的业务,为客户和支持者创造长期价值,并充实员工。.

Infor是一个机会均等的雇主。我们致力于创造一个多元化和包容性的工作环境。Infor 不会基于候选人或员工的性别、种族、性别认同、残疾、年龄、性取向、宗教、国籍、兵役身份或任何其他受法律保护的身份而歧视候选人或员工。

在 Infor,我们重视您的隐私,因此我们制定了一项政策,您可以在 此处阅读.

返回职位列表