BẠN SẼ LÀM GÌ?
- Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
- Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria
- Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
- Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
- Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
YÊU CẦU CHUYÊN MÔN
- Prior experience in Software security testing, Penetration testing, Vulnerability, review code, information assurance.
- Certifications in software security testing, penetration testing, secure coding
- Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Skill in evaluating the adequacy of security designs.
- Skill in performing impact/risk assessments.
- Skill in secure test plan design (e. g. unit, integration, system, acceptance).
- Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
- Skill in conducting application vulnerability assessments.
- Skill in the use of penetration testing tools and techniques.
- Skill in using code analysis tools.
- Skill in integrating black box security testing tools into quality assurance process of software releases.
- Skill in designing countermeasures to identified security risks.
- Skill in developing and deploying attack signatures.