Application Development | Level 5 (USD) - Aptask : Job Details

About Client: Client is a global financial services firm that provides a wide range of investment banking, securities, wealth management, and investment management services. It is a prominent global financial services firm with a rich history and a strong presence in the financial industry. The Client is committed to corporate responsibility and sustainability. It aims to make a positive impact on society through various initiatives, such as promoting environmental sustainability, supporting diversity and inclusion, and engaging in philanthropic activities. About the Team:

• The mission of the Enterprise Security Platform (ESP) team is to implement the Firm's Cybersecurity Strategy by architecting, engineering, deploying and operating technical security controls and capabilities for the Enterprise.
• This is achieved by continued focus on architectural rigor, automation, Agile delivery and adoption of ESP's control implementations by our users and partners.
• Our culture champions diversity, an inclusive environment for all, recognition and an opportunity to give back to our communities through various local charity partnerships

Job Description: Responsibilities:

• Collaborate with a team of engineers to implement *** specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.
• Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.
• Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.
• With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
• Support security standards, create templates and patterns to increase the efficiency and adoption of security program.

Requirement:

• Bachelor's degree with 6 years of work experience in the IT field
• 3+ years software development experience using Java, JavaScript
• 3+ years of experience in the following:
• o OWASP Secure Coding Practices
• o Common software and web application security vulnerabilities
• o Application security scanning tools
• o Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins)
• Exposure to Python scripting
• Even Better If You Have
• A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field
• Business acumen to support the implementation of SAST or DAST or IAST across the enterprise
• Ability to perform code reviews with minimal assistance
• A self-starter, with a strong desire for learning new technologies and applying them to solve problems
• Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
• Familiarity with public cloud services a plus
• Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype
• Experience with Threat Analysis.
• Experience with DevSecOps, Secure SDLC.
• DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus
• Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus

About ApTask: Join ApTask, a global leader in workforce solutions and talent acquisition services, as we shape the future of work. We offer a comprehensive suite of offerings, including staffing and recruitment services, managed services, IT consulting, and project management, providing unparalleled opportunities for professional growth and development. As a member of our dynamic team, you'll have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success for our clients across diverse industries. If you are passionate about excellence, collaboration, and innovation, and aspire to make a meaningful impact in the world of work, come join us at ApTask and be a part of our mission to empower organizations to thrive. Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview. Candidate Data Collection Disclaimer: At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment. If you have any concerns or queries about your personal information, please feel free to contact our compliance team at [email protected] .