Job Summary: Ensure that developed software meets high security standards by identifying, assessing, and remedying vulnerabilities throughout the development lifecycle. Key Highlights: 1. Analyze source code to identify vulnerabilities (SAST, DAST, IAST). 2. Integrate security tools into CI/CD pipelines. 3. Train teams on OWASP Top 10, CWE, MITRE ATT&CK, and ISO/IEC 27034. Ensure that developed software meets high security standards by identifying, assessing, and remedying vulnerabilities throughout the development lifecycle, thereby contributing to risk prevention and strengthening the organization’s cybersecurity posture. ️ Key Responsibilities * Analyze source code to identify vulnerabilities (SAST, DAST, IAST). * Implement practices of the Secure Software Development Lifecycle (SSDLC). * Integrate security tools into CI/CD pipelines. * Collaborate with development teams to remediate vulnerabilities and apply secure coding best practices. * Manage libraries, frameworks, and dependencies to avoid risks from insecure versions. * Establish policies and guidelines for secure software development. * Conduct security testing on web, mobile applications, and APIs. * Generate findings reports and track remediation progress. * Train teams on OWASP Top 10, CWE, MITRE ATT\&CK, and ISO/IEC 27034\. Required Technical Skills * Proficiency in Java, .NET, Python, JavaScript/Node.js, and PHP. * Knowledge of secure development frameworks (OWASP ASVS, SAMM). * Experience with tools such as SonarQube, Checkmarx, Fortify, Synopsys Veracode, and GitHub Dependabot. * Familiarity with standards and reference frameworks: OWASP, CWE, NIST, ISO/IEC 27001 and 27034, PCI DSS. * Understanding of web architectures, REST/SOAP APIs, and microservices. * Experience in DevSecOps and automation of security controls within pipelines. * Applied cryptography knowledge (TLS, hashing, symmetric/asymmetric encryption). Academic Qualifications Bachelor’s or Engineering degree in Computer Systems, Computer Science, Cybersecurity, or related fields.