Cyber Security Expert

• Perform security assessments, code reviews, and penetration testing for web, mobile, and cloud-based applications.
• Identify vulnerabilities such as OWASP Top 10 and implement strategies to mitigate them.
• Conduct dynamic and static code analysis using security tools (e.g., Burp Suite, Veracode, Checkmarx).
• Collaborate with development teams to integrate security best practices into the SDLC.
• Provide guidance on secure coding practices and ensure proper security controls are built into applications.
• Develop and maintain security guidelines for developers, including training programs and code reviews.
• Perform threat modeling and risk assessments for new and existing applications.
• Assess potential security risks and provide mitigation plans and recommendations.
• Review and assess third-party software, libraries, and services for security vulnerabilities.
• Respond to application-related security incidents and conduct root cause analysis.
• Develop security alerts and monitoring mechanisms for applications in production.
• Work closely with the SOC (Security Operations Center) to monitor for vulnerabilities and attacks.
• Maintain a continuous improvement process for identifying vulnerabilities through testing and automated tools.
• Track and ensure timely resolution of application vulnerabilities and work with teams to ensure patches and fixes are implemented.
• Ensure applications comply with industry security standards, such as OWASP, ISO 27001, NIST, and PCI DSS.
• Assist with audits and reviews of security processes related to application security.
• Keep up to date with the latest security trends, threats, and technologies.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• 3-5 years of experience in application security or a similar role.
• Proficiency in application security tools such as Burp Suite, OWASP ZAP, Veracode, Checkmarx, etc.
• Knowledge of secure coding practices in programming languages like Java, .NET, Python, JavaScript, and Node.js.
• Strong understanding of web vulnerabilities, including OWASP Top 10, and application threat modeling.
• Experience with CI/CD (Continuous Integration/Continuous Deployment) pipelines and integrating security tools into development workflows.
• Familiarity with cloud security practices (AWS, Azure, GCP) and securing applications in cloud environments.
• Solid understanding of authentication protocols such as OAuth, OpenID Connect, SAML.
• Excellent problem-solving skills with the ability to think like an attacker to identify vulnerabilities.

• Certifications such as OSCP, CEH, CISSP, GIAC GWAPT, CSSLP is a plus.
• Experience with containerization security (e.g., Docker, Kubernetes).
• Hands-on experience with DevSecOps practices and tooling.
• Understanding of data encryption techniques and cryptographic protocols.

If you’re passionate about [industry or field] and ready to make an impact at Digixvalley, we’d love to hear from you! Please send your resume and cover letter to Mehroz@digixvalley.com