Nivel de Inglés
Transnational Company Global Leader in Marketing and Distribution of Food Supplements requests: Application Security Engineer
This position will help implement and validate the security controls on Herbalife applications worldwide and will support the Application Security Practice and DevSecOps. The Applications Security Engineer will to contribute to the implementation, evaluation and definition of new security standards and process with Herbalife’s application properties.
· Bachelor’s degree in Computer Science or related field.
· 3 years of proven work experience as a software security engineer
· Essential fluent English
· Knowledge of Secure Software Development Lifecycle best practices and expertise on implementation of application security controls
· Experience performing code reviews
· Application vulnerability management and penetration testing
· Advanced knowledge of programming language and development tools
· Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures, API integration) and of network/web related protocols
· Strong business ethics and policy compliance.
· Adequate knowledge of OS, Networks, Cryptography, Databases, Web Technologies.
· Knowledge of Application security tools such as Knowledge of Metasploit, Nessus, Qualys, Burpsuite, other.
· General Knowledge of Application development methodologies and Architecture
· Experience with Application security protection and testing tools such as DAST, IAST, SAST, MAST, RASP, WAF.
· General knowledge of build pipelines and CI/CD.
· General knowledge of Cloud application stacks.
1. Support the Change Management Code Review Process
2. Perform on-going security testing and code review to improve software security
3. Support Documentation development and maintenance
4. Guide development team members on secure coding practices and well as policy and hardening compliance
5. This position will help build tooling and integrations for the Application Security Team
6. Application penetration testing and vulnerability analysis.
7. Support Regional and Corporate Application Security projects.
8. Support end of month and on call schedules
9. 24x7 Availability
Send CV in PDF format in English to the email address specified in contact information in the name of the position as title, otherwise it will not be taken in consideration